grpc_ssl_name
The grpc_ssl_name directive specifies the hostname for the gRPC server when using SSL.
Description
The grpc_ssl_name directive is used in NGINX configuration to set the hostname that will be sent in the Server Name Indication (SNI) extension during the SSL handshake for gRPC connections. This is particularly important when NGINX is acting as a reverse proxy for multiple gRPC services that are hosted on a single IP address but require different SSL certificates based on the hostname requested by the client.
When this directive is set, NGINX will replace the hostname in the SSL context with the specified value during the processing of gRPC requests. It enhances the security and reliability of SSL connections by ensuring the correct certificate is presented for each particular gRPC service request. This directive is applicable in http, server, and location contexts, allowing for flexible configuration depending on the structure of your services.
The argument for this directive must be a single string, which defines the SSL hostname. If the directive is omitted, NGINX defaults to using the original host requested by the client. Proper configuration of grpc_ssl_name is essential for setups that involve virtual hosting or handling multiple gRPC backends.
Config Example
server {
listen 443 ssl;
server_name grpc.example.com;
grpc_ssl_name backend.grpc.example.com;
location / {
grpc_pass grpc://backend;
}
}Ensure the hostname is correct and corresponds to an SSL certificate that has coverage for that hostname.
Using grpc_ssl_name with multiple server blocks can lead to conflicts if not configured properly.