Using $host variable in ssl_certificate path
nginx-forum at forum.nginx.org
Wed Oct 20 17:27:50 UTC 2021
I'm now using Nginx 1.21.
I've noticed Nginx actually runs with variable in ssl certificate path, but
the certificate itself doesn't run.
ssl_certificate /etc/letsencrypt/live/$host/fullchain.pem; # managed by
ssl_certificate_key /etc/letsencrypt/live/$host/privkey.pem; # managed by
I double checked the $host variable using a special header and curl, to know
if $host variable is the exact value of my folder there, and it is correct.
add_header X-Host $host;
Now checking Nginx error.log it indicates maybe it is because file
2021/10/20 17:16:07 [error] 2408#2408: *412 cannot load certificate
"/etc/letsencrypt/live/XXXXX/fullchain.pem": BIO_new_file() failed (SSL:
error:2006D002:BIO routines:BIO_new_file:system lib) while SSL handshaking,
client: 22.214.171.124, server: 0.0.0.0:443
But strangely enough it runs OK if I don't use the $host variable. I would
like to keep permissions so when Certbot updates I don't have any
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,292653,292656#msg-292656
More information about the nginx