I've just uploaded an SSL certificate on a test server running Nginx. I've added the cert and key files paths into nginx.conf, but no matter what I try, I keep getting this error:
Feb 23 15:01:20 myserver systemd[1]: Starting The nginx HTTP and reverse proxy server...
Feb 23 15:01:21 myserver nginx[1315]: nginx: [emerg] invalid value "ssl_certificate" in /etc/nginx/nginx.conf:67
Feb 23 15:01:21 myserver nginx[1315]: nginx: configuration file /etc/nginx/nginx.conf test failed
Feb 23 15:01:21 myserver systemd[1]: nginx.service: Control process exited, code=exited status=1
Feb 23 15:01:21 myserver systemd[1]: nginx.service: Failed with result 'exit-code'.
Feb 23 15:01:21 myserver systemd[1]: Failed to start The nginx HTTP and reverse proxy server.
I really, really don't get it: tried "/etc/pki/tls/certs/myserver.pem" or '/etc/pki/tls/certs/myserver.pem', doesn't change anything. I've triple-checked filenames, directories, I really have no clue.
Has anyone run into similar error message ? Didn't find much on Google or even here...
This is the juicy part of my nginx.conf file (line 67 is, of course the ssl_certificate one):
# Settings for a TLS enabled server.
#
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name myserver;
root /usr/share/nginx/html;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2
ssl_certificate /etc/pki/tls/certs/mymserver.pem;
ssl_certificate_key /etc/pki/tls/private/myserver.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:-MEDIUM:-LOW:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!DH;
ssl_prefer_server_ciphers on;
CodePudding user response:
In your config file
ssl_protocols TLSv1 TLSv1.1 TLSv1.2
is missing the terminating ;
Check the documentation here, it says,
The configuration file consists of directives and their parameters. Simple (single‑line) directives each end with a semicolon. [....]
So, nginx reads this as a wrong syntax, and reports the wrong value.