SSL certificate not loaded

Maxim Dounin mdounin at mdounin.ru
Tue Oct 15 13:48:42 UTC 2013


Hello!

On Tue, Oct 15, 2013 at 09:13:52AM -0400, gaspy wrote:

> I have a strange problem with SLL. 
> 
> I purchased a SSL cert and combined the intermediary files into one:
> cat www_mydomain_com.crt PositiveSSLCA2.crt AddTrustExternalCARoot.crt >>
> mydomain-budle.crt
> 
> In the server conf I have the following:
> 
> server 
> {
> 	listen			80;
> 	listen 			443 ssl;
> 
> 	server_name		www.mydomain.com;
> 	root			/var/www/mydomain/;
> 
> 	ssl_protocols		SSLv3 TLSv1 TLSv1.1 TLSv1.2;
> 	ssl_ciphers			AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
> 	ssl_certificate		/etc/nginx/conf/mydomain-bundle.crt;
> 	ssl_certificate_key	/etc/nginx/conf/server.key;
> 	ssl_session_cache	shared:SSL:10m;
> 	ssl_session_timeout	10m;
> 	ssl_verify_depth 2;
> ...
> }
> 
> SSL doesn't work and error log shows
> no "ssl_certificate" is defined in server listening on SSL port while SSL
> handshaking, client: x.x.x.x, server: 0.0.0.0:443
> 
> What's wrong? Of course, the file exists, I restarted the server. I tried
> everything I could think of (absolute path, I added ssl_verify_depth,
> verified that in the crt file the END/BEGIN blocks are on separate lines)

The message suggests you have another server{} listening on the 
same port, without ssl_certificate defined, and it's selected 
based on SNI.

-- 
Maxim Dounin
http://nginx.org/en/donation.html



More information about the nginx mailing list