How to Configure Multiple SSL Virtual Hosts in NGINX

If you run multiple websites on same server, you might want to secure them with a single SSL certificate, to save cost on buying SSL certificates. You can easily do it with the SNI features, available from NGINX 0.9.8f. SNI allows you to protect multiple websites using a single SSL certificate. Let us look at how to configure multiple SSL virtual hosts in NGINX.

How to Configure Multiple SSL Virtual Hosts in NGINX

Here are the steps to configure multiple SSL virtual hosts in NGINX.

Before you proceed, please ensure that you have enabled virtual hosts in NGINX. Here are the steps to do it.

Let’s say you want to host 2 websites www.example.com and api.example.com on same IP.

1. Create Virtual Host Files

First, we create separate virtual host files – one for each domain. You can add the config for both websites in the same config file if you want. But this way it is cleaner and easier to manage.

$ sudo vim /etc/nginx/sites-available/www.example.com
$ sudo vim /etc/nginx/sites-available/api.example.com

2. Add Virtual Host Configuration

Add the following lines of code in the 2 files

If you have a wildcard or multi-domain certificate

In this case we use the same SSL certificate details for both virtual hosts

#www.example.com

server {
 listen 80
 server_name www.example.com
 root /var/www/www.example.com/html; #also add a root dir here

  ssl on;
  ssl_certificate /var/www/ssl/certif.crt;
  ssl_certificate_key /var/www/ssl/certif.key;

} 

#api.example.com

server {
 listen 80
 server_name api.example.com
 root /var/www/api.example.com/html; #also add a root dir here
  ssl on;
  ssl_certificate /var/www/ssl/certif.crt;
  ssl_certificate_key /var/www/ssl/certif.key;
}

The key is to use different server_name and root values for each virtual host but use the same SSL certificate details for both.

If you have 2 different certificates

In this case, you use different SSL certificate details for both virtual hosts

#www.example.com

server {
 listen 80
 server_name www.example.com
 root /var/www/www.example.com/html; #also add a root dir here

  ssl on;
  ssl_certificate /var/www/ssl/certif.crt;
  ssl_certificate_key /var/www/ssl/certif.key;

} 

#api.example.com

server {
 listen 80
 server_name api.example.com
 root /var/www/api.example.com/html; #also add a root dir here
  ssl on;
  ssl_certificate /var/www/ssl/certif2.crt;
  ssl_certificate_key /var/www/ssl/certif2.key;
}

3. Enable the domains

Next, enable the 2 domains

$ sudo ln -s /etc/nginx/sites-available/www.example.com /etc/nginx/sites-enabled/www.example.com
$ sudo ln -s /etc/nginx/sites-available/api.example.com /etc/nginx/sites-enabled/api.example.com

4. Reload NGINX web server

Reload NGINX server to apply changes.

$ sudo service nginx reload

That’s it! NGINX will serve both your websites from same directory.

• About Author

About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!