No SSL Settings in Nginx with IPv6

Submitted by gnilebein on Mon, 04/03/2017 - 03:42

I have a problem when I try to enable SSL with IPV6.

SSL Active only with IPv4:

server {
        server_name webmail.feuerbiber.de www.webmail.feuerbiber.de;
        listen 5.45.108.193;
        root /home/feuerbiber.de/domains/webmail.feuerbiber.de/public_html;
        index index.html index.htm index.php;
        access_log /var/log/virtualmin/webmail.feuerbiber.de_access_log;
        error_log /var/log/virtualmin/webmail.feuerbiber.de_error_log;
        fastcgi_param fastcgi_keep_conn on;
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_pass localhost:8013;
                fastcgi_index index.php;
                fastcgi_split_path_info ^(.+\.php)(.*)$;
                fastcgi_keep_conn on;
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

        location ~ /\.ht {
                deny all;
        }

        location ^~ /data {
                deny all;
        }

        listen 5.45.108.193:443 ssl;
        ssl_certificate /home/feuerbiber.de/domains/webmail.feuerbiber.de/ssl.cert;
        ssl_certificate_key /home/feuerbiber.de/domains/webmail.feuerbiber.de/ssl.key;
        fastcgi_read_timeout 60;
}

SSL active with IPv4 and IPv6 (but there is no setting for SSL for IPv6 Adress):

server {
        server_name webmail.feuerbiber.de www.webmail.feuerbiber.de;
        listen 5.45.108.193;
        root /home/feuerbiber.de/domains/webmail.feuerbiber.de/public_html;
        index index.html index.htm index.php;
        access_log /var/log/virtualmin/webmail.feuerbiber.de_access_log;
        error_log /var/log/virtualmin/webmail.feuerbiber.de_error_log;
        fastcgi_param fastcgi_keep_conn on;
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_pass localhost:8013;
                fastcgi_index index.php;
                fastcgi_split_path_info ^(.+\.php)(.*)$;
                fastcgi_keep_conn on;
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

        location ~ /\.ht {
                deny all;
        }

        location ^~ /data {
                deny all;
        }

        listen 5.45.108.193:443 ssl;
        ssl_certificate /home/feuerbiber.de/domains/webmail.feuerbiber.de/ssl.cert;
        ssl_certificate_key /home/feuerbiber.de/domains/webmail.feuerbiber.de/ssl.key;
        fastcgi_read_timeout 60;
        listen [2a03:4000:6:214a::];
}

My Setup: - Ubuntu 16.06 - Nginx - webmin:all/virtualmin-universal 1.831 uptodate - webmin-virtual-server:all/virtualmin-universal 5.07.gpl uptodate

Status: 
Active

Comments

Submitted by JamieCameron on Mon, 04/03/2017 - 18:40

This quick fix is to add the line :

listen [2a03:4000:6:214a::] ssl;

which version of the Nginx SSL plugin are you running there though? This should appear on the Features and Plugins page.

Submitted by gnilebein on Tue, 04/04/2017 - 03:33

Thanks for your quick reply.

Nginx SSL website Plugin 1.4
Nginx website Plugin 2.1

Submitted by trenzterra on Tue, 04/04/2017 - 10:49

Hi,

I can confirm the same issue on the same plugin versions.

At the same time, I also wish to highlight that the "Redirect non-SSL to SSL" option does nothing under Nginx. By right, it should split the server blocks into two and do a 301 redirect on the non-SSL site.

Submitted by JamieCameron on Tue, 04/04/2017 - 18:28

Ok, it looks like we have some unreleased fixes to the Nginx SSL plugin. I'll look into getting a new 1.5 version out there.