<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Thanks for your response. I'm an administrator on the computer
and nginx is running on my account. So, it does seem likely that
the problem is "permissions" as I have "full control" permission
for the folders.</p>
<p>--- Victor<br>
</p>
<div class="moz-cite-prefix">On 2/11/2024 5:51 PM, Thomas Ward via
nginx wrote:<br>
</div>
<blockquote type="cite"
cite="mid:MN0PR19MB594844DE8E63C98E236CF5E49B492@MN0PR19MB5948.namprd19.prod.outlook.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Exchange Server">
<!-- converted from text -->
<style>.EmailQuote { margin-left: 1pt; padding-left: 4pt; border-left: #800000 2px solid; }</style>
<div dir="auto">
<div dir="auto">I misread. NGINX doesnt see the certs exist
meaning whatever user is running it doesnt have permissions.
Make sure your user running NGINX has access down the whole
folder chain.</div>
<div dir="auto"><br>
</div>
<div dir="auto"><br>
</div>
<div dir="auto"><br>
</div>
<div id="x_composer_signature" dir="auto">
<div dir="auto" style="font-size:12px; color:#575757">Sent
from my Galaxy</div>
</div>
<div dir="auto"><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>-------- Original message --------</div>
<div>From: Victor Oppenheimer <a class="moz-txt-link-rfc2396E" href="mailto:victor@camb.com"><victor@camb.com></a> </div>
<div>Date: 2/11/24 17:17 (GMT-05:00) </div>
<div>To: Jeremy Cocks via nginx <a class="moz-txt-link-rfc2396E" href="mailto:nginx@nginx.org"><nginx@nginx.org></a> </div>
<div>Subject: SSL issue </div>
<div><br>
</div>
</div>
<font size="2"><span style="font-size:11pt;">
<div class="PlainText">Thank you so much for the help you have
provided me with<br>
nginx on my Windows 2016 server thus far.<br>
<br>
I'm now attempting to add serving https files to my<br>
configuration. Although I want to eventually support<br>
a number of servers being browsed for both http and https<br>
pages, I am starting with my oppsprops.com website.<br>
<br>
I generated an SSL certificate and private key for the
website.<br>
<br>
I stored them at the following paths:<br>
C:\nginx\conf\ssl\certs\oppsprops_com.crt<br>
and<br>
C:\nginx\conf\ssl\keys\oppsprops.com.private.key<br>
<br>
I then tried to start nginx with various versions of my<br>
nginx.config file with differing results as described below.<br>
<br>
I suspect that this only needs a small tweak ... but would
appreciate<br>
some guidance in addressing the issue.<br>
<br>
Thanks,<br>
Victor<br>
<br>
The following full nginx.config file with commented SSL<br>
configuration statements serves <a
href="http:\\oppsprops.com" moz-do-not-send="true">http:\\oppsprops.com</a><br>
successfully.<br>
<br>
# directives in the 'main' context<br>
<br>
# serves all sites http not https<br>
# uses Adobe Tomcat to serve PDFs which must be in proper
case<br>
<br>
worker_processes auto;<br>
events { # events context/block<br>
# configuration of connection processing<br>
}<br>
<br>
http { # http context specific to HTTP affecting all
virtual servers<br>
server_names_hash_bucket_size 64; # avoid multiple
server_Name entry <br>
errors<br>
<br>
server { # configure oppsprops server<br>
listen 80;<br>
# listen 443 ssl;<br>
server_name oppsprops.com <a
href="http://www.oppsprops.com" moz-do-not-send="true">www.oppsprops.com</a>;<br>
<br>
# ssl_certificate
c:/nginx/conf/ssl/certs/oppsprops_com.crt;<br>
# ssl_certificate_key
c:/nginx/conf/ssl/keys/oppsprops.com.private.key;<br>
<br>
location /{ # process oppsprops domain using Adobe
Tomcat<br>
proxy_pass <a href="http://127.0.0.1:8080/vo/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://127.0.0.1:8080/vo/</a>;<br>
} # end of location block<br>
} # end of OppsProps server block<br>
<br>
server { # configuration of clearwaterescapes HTTP
server<br>
server_name clearwaterescapes.com <a
href="http://www.clearwaterescapes.com"
moz-do-not-send="true">
www.clearwaterescapes.com</a>;<br>
listen 80;<br>
<br>
# avoid errors when favicon.ico file is missing<br>
location = /favicon.ico {<br>
access_log off;<br>
log_not_found off;<br>
return 204;<br>
}<br>
<br>
location / {<br>
# send <a href="http://clearwaterescapes.com"
moz-do-not-send="true" class="moz-txt-link-freetext">http://clearwaterescapes.com</a>
to Adobe Tomcat<br>
proxy_pass <a
href="http://127.0.0.1:8080/vo/Clearwater/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://127.0.0.1:8080/vo/Clearwater/</a>;<br>
} # end of location block<br>
} # end of clearwaterescapes server block<br>
<br>
server { # configure freshpondrentals server<br>
server_name FreshPondRentals.com <a
href="http://www.freshpondrentals.com"
moz-do-not-send="true">www.freshpondrentals.com</a>;<br>
listen 80;<br>
<br>
# rewrite ^(.*)$ /$1 permanent; # Make incoming URLs
lowercase<br>
<br>
# avoid errors when favicon.ico file is missing<br>
location = /favicon.ico {<br>
access_log off;<br>
log_not_found off;<br>
return 204;<br>
}<br>
<br>
location / {<br>
# proxy freshpondrentals pages to Adobe Tomcat<br>
proxy_pass <a href="http://127.0.0.1:8080/vo/camb/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://127.0.0.1:8080/vo/camb/</a>;<br>
} # end of location block<br>
} # end of freshpondrentals server block<br>
<br>
server { # configure yogisource HTTP port 80 server<br>
server_name yogisource.com <a
href="http://www.yogisource.com" moz-do-not-send="true">www.yogisource.com</a>;<br>
listen 80;<br>
<br>
location / {<br>
proxy_pass <a href="http://yogisource.com:81/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://yogisource.com:81/</a>;<br>
} # end of location block<br>
<br>
} # end of yogisource server block<br>
<br>
} # end of http block<br>
<br>
<br>
______________________________________<br>
Modifying the nginx.config file above to include the
following statements<br>
produce the following error.log file errors and nginx fails
to start<br>
<br>
server { # configure oppsprops server<br>
listen 80;<br>
listen 443 ssl;<br>
server_name oppsprops.com <a
href="http://www.oppsprops.com" moz-do-not-send="true">www.oppsprops.com</a>;<br>
ssl_certificate conf/ssl/certs/oppsprops_com.crt;<br>
ssl_certificate_key
conf/ssl/keys/oppsprops.com.private.key;<br>
<br>
2024/02/11 14:34:08 [emerg] 14600#11064: cannot load
certificate <br>
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt":
BIO_new_file() failed <br>
(SSL: error:02001003:system library:fopen:No such <br>
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r') <br>
error:2006D080:BIO routines:BIO_new_<a class="moz-txt-link-freetext" href="file:no">file:no</a> such file)<br>
2024/02/11 14:34:10 [emerg] 9048#12520: cannot load
certificate <br>
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt":
BIO_new_file() failed <br>
(SSL: error:02001003:system library:fopen:No such <br>
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r') <br>
error:2006D080:BIO routines:BIO_new_<a class="moz-txt-link-freetext" href="file:no">file:no</a> such file)<br>
2024/02/11 14:34:14 [emerg] 6620#16260: cannot load
certificate <br>
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt":
BIO_new_file() failed <br>
(SSL: error:02001003:system library:fopen:No such <br>
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r') <br>
error:2006D080:BIO routines:BIO_new_<a class="moz-txt-link-freetext" href="file:no">file:no</a> such file)<br>
2024/02/11 14:34:22 [emerg] 13008#12828: cannot load
certificate <br>
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt":
BIO_new_file() failed <br>
(SSL: error:02001003:system library:fopen:No such <br>
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r') <br>
error:2006D080:BIO routines:BIO_new_<a class="moz-txt-link-freetext" href="file:no">file:no</a> such file)<br>
2024/02/11 14:34:38 [emerg] 13928#1068: cannot load
certificate <br>
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt":
BIO_new_file() failed <br>
(SSL: error:02001003:system library:fopen:No such <br>
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r') <br>
error:2006D080:BIO routines:BIO_new_<a class="moz-txt-link-freetext" href="file:no">file:no</a> such file)<br>
2024/02/11 14:35:10 [emerg] 3664#8660: cannot load
certificate <br>
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt":
BIO_new_file() failed <br>
(SSL: error:02001003:system library:fopen:No such <br>
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r') <br>
error:2006D080:BIO routines:BIO_new_<a class="moz-txt-link-freetext" href="file:no">file:no</a> such file)<br>
<br>
<br>
_________<br>
Modifying the nginx.config file above to include the
following statements<br>
produces no error.log errors but fails to load the page with
a browser<br>
error of:<br>
This site can’t be reached<br>
oppsprops.com refused to connect.<br>
<br>
server { # configure oppsprops server<br>
listen 80;<br>
listen 443 ssl;<br>
server_name oppsprops.com <a
href="http://www.oppsprops.com" moz-do-not-send="true">www.oppsprops.com</a>;<br>
ssl_certificate ssl/certs/oppsprops_com.crt;<br>
ssl_certificate_key ssl/keys/oppsprops.com.private.key;<br>
<br>
location /{ # process oppsprops domain using Adobe
Tomcat<br>
proxy_pass <a href="http://127.0.0.1:8080/vo/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://127.0.0.1:8080/vo/</a>;<br>
} # end of location block<br>
} # end of OppsProps server block<br>
<br>
_________________<br>
Modifying the nginx.config file above to include the
following statements<br>
also produces no error.log errors but fails to load the page
with a<br>
browser error of:<br>
<br>
This site can’t be reached<br>
oppsprops.com refused to connect.<br>
<br>
server { # configure oppsprops server<br>
listen 80;<br>
listen 443 ssl;<br>
server_name oppsprops.com <a
href="http://www.oppsprops.com" moz-do-not-send="true">www.oppsprops.com</a>;<br>
ssl_certificate /ssl/certs/oppsprops_com.crt;<br>
ssl_certificate_key
/ssl/keys/oppsprops.com.private.key;<br>
<br>
location /{ # process oppsprops domain using Adobe
Tomcat<br>
proxy_pass <a href="http://127.0.0.1:8080/vo/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://127.0.0.1:8080/vo/</a>;<br>
} # end of location block<br>
} # end of OppsProps server block<br>
______________________________<br>
Modifying the nginx.config file above to include the
following statements<br>
also produces no error.log errors but fails to load the page
with a<br>
browser error of:<br>
This site can’t be reached<br>
oppsprops.com refused to connect.<br>
<br>
server { # configure oppsprops server<br>
listen 80;<br>
listen 443 ssl;<br>
server_name oppsprops.com <a
href="http://www.oppsprops.com" moz-do-not-send="true">www.oppsprops.com</a>;<br>
<br>
ssl_certificate
c:/nginx/conf/ssl/certs/oppsprops_com.crt;<br>
ssl_certificate_key
c:/nginx/conf/ssl/keys/oppsprops.com.private.key;<br>
<br>
location /{ # process oppsprops domain using Adobe
Tomcat<br>
proxy_pass <a href="http://127.0.0.1:8080/vo/"
moz-do-not-send="true" class="moz-txt-link-freetext">http://127.0.0.1:8080/vo/</a>;<br>
} # end of location block<br>
} # end of OppsProps server block<br>
_______________________________________________<br>
nginx mailing list<br>
<a class="moz-txt-link-abbreviated" href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="https://mailman.nginx.org/mailman/listinfo/nginx"
moz-do-not-send="true" class="moz-txt-link-freetext">https://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</div>
</span></font>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
nginx mailing list
<a class="moz-txt-link-abbreviated" href="mailto:nginx@nginx.org">nginx@nginx.org</a>
<a class="moz-txt-link-freetext" href="https://mailman.nginx.org/mailman/listinfo/nginx">https://mailman.nginx.org/mailman/listinfo/nginx</a>
</pre>
</blockquote>
</body>
</html>