ZhangHuangbin wrote:Could you please show us Nginx config related to this issue? And what's the expected result?
The expected result is "Hello World" - index.php in the docroot is a simple testing one. The server delivers the wrong certificate and leads to SOGo page (ruhrmail.email) - even when I disable the listen 443 directive and port forwarding. Maybe something php-catchall.tmpl related?
This is test.conf in sites-enabled:
server {
# Listen on ipv4
listen 80;
server_name test.stirnberg.net;
root /var/www/html/test;
index index.php index.html;
access_log /var/log/nginx/test.log;
error_log /var/log/nginx/testerr.log;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key
ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
ssl_session_timeout 1440m; # managed by Certbot
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
ssl_prefer_server_ciphers on; # managed by Certbot
ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA2
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
add_header Strict-Transport-Security max-age=31536000;
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy "no-referrer";
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
