From 4bc3c747cb39bca18580dc93ab697b35d9971ac9 Mon Sep 17 00:00:00 2001
From: Erica Portnoy <ebportnoy@gmail.com>
Date: Mon, 10 Oct 2016 19:04:35 -0700
Subject: [PATCH] Mark parsed Nginx addresses as listening sslishly when an ssl
 on directive is included in the server block. (#3607)

---
 certbot-nginx/certbot_nginx/parser.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/certbot-nginx/certbot_nginx/parser.py b/certbot-nginx/certbot_nginx/parser.py
index a9ef21f2e..6203b5f71 100644
--- a/certbot-nginx/certbot_nginx/parser.py
+++ b/certbot-nginx/certbot_nginx/parser.py
@@ -473,6 +473,8 @@ def parse_server(server):
                      'ssl': False,
                      'names': set()}
 
+    apply_ssl_to_all_addrs = False
+
     for directive in server:
         if not directive:
             continue
@@ -486,6 +488,11 @@ def parse_server(server):
                 _get_servernames(directive[1]))
         elif directive[0] == 'ssl' and directive[1] == 'on':
             parsed_server['ssl'] = True
+            apply_ssl_to_all_addrs = True
+
+    if apply_ssl_to_all_addrs:
+        for addr in parsed_server['addrs']:
+            addr.ssl = True
 
     return parsed_server