Default HTTPs site behavior

[jlesage]

Hello,

This is about commit f987632. Not sure if you saw my comment there, but I think that keeping ssl_ciphers aNULL is a better approach.

With valid ciphers, the browser will show a warning about self-signed certificate. After the user accepts to continue, nginx will close the connection (because of the return code 444).

Using ssl_ciphers aNULL makes the connection fails immediately, even before the browser shows any certificate warning.

Since the goal of the default HTTPs site is to make sure that no page is served, it seems better to avoid the certificate warning.

[jc21]

Sorry for late response, holidays.

Yeah I saw your message after I changed it. I did think it was a bug at the time and since I couldn't see the default page over https, I assumed the handshake was broken by accident.

The impact of your idea vs what I changed is trivial. If it's what you really want, feel free to create another pr. Either way, the initial bug of seeing a non-default site as the default over ssl is solved.

[jlesage]

Thanks for coming back on this!
I will create a new PR as you suggested.

[jlesage]

PR #30 merged. Closing the issue.