uwsgi_ssl_name
The `uwsgi_ssl_name` directive specifies the hostname to use for SSL connections to a uWSGI server.
Description
The uwsgi_ssl_name directive is used when configuring NGINX to communicate with a uWSGI backend over SSL. This directive allows administrators to specify the SSL hostname that NGINX should present to the uWSGI server when establishing a secure connection. This is particularly useful for scenarios where the backend server is configured to require a specific hostname for certificate validation or hostname verification purposes.
The uwsgi_ssl_name takes a single argument, which is the hostname that should be used. It is supported in the http, server, and location contexts, enabling its use in various hierarchical levels of the NGINX configuration. It plays a crucial role in ensuring secure communication between NGINX and uWSGI instances, promoting best practices for securing application servers.
When set, the specified uwsgi_ssl_name is included in the ClientHello message as the Server Name Indication (SNI) before the SSL handshake, allowing the backend server to select the appropriate SSL certificate to return. If configured incorrectly, or if the hostname does not match the expected value on the uWSGI server side, SSL connections may fail, resulting in errors.
Config Example
location /app {
include uwsgi_params;
uwsgi_pass backend;
uwsgi_ssl_name example.com;
}Ensure that the hostname specified is valid and matches the certificate configuration of the uWSGI server.
Be cautious of typos or incorrect casing in the hostname, as SSL connections will fail if the provided name does not match the server's expectations.