Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/linux/25.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Linux SSL NGINX不会加载_Linux_Ssl_Nginx_Server - Fatal编程技术网
Fatal编程技术网
  • linux/
  • Linux SSL NGINX不会加载

Linux SSL NGINX不会加载

linux ssl nginx server

Linux SSL NGINX不会加载,linux,ssl,nginx,server,Linux,Ssl,Nginx,Server,我正在尝试使用NGINX设置SSL。 在更改为443并添加文件路径之前,它使用端口80 我生成了csr和密钥 openssl-req-new-newkey rsa:2048-nodes-keyout示例_com.key-out示例_com.csr 我跟踪并收到了来自Namecheap/Comodo的crt和ca包 我合并了NGINX的文件: server { listen 443; ssl on; ssl_certificate /etc/nginx/ssl/cer

我正在尝试使用NGINX设置SSL。
在更改为443并添加文件路径之前,它使用端口80

我生成了csr和密钥

openssl-req-new-newkey rsa:2048-nodes-keyout示例_com.key-out示例_com.csr

我跟踪并收到了来自Namecheap/Comodo的crt和ca包

我合并了NGINX的文件:

server {
    listen 443;

    ssl on;
    ssl_certificate /etc/nginx/ssl/cert_chain.crt;
    ssl_certificate_key /etc/nginx/ssl/example_com.key;
...

cat-example\u-com.crt-example\u-com.ca-bundle>>cert\u-chain.crt
并放入
/etc/nginx/ssl/

设置权限

sudo mkdir /etc/nginx/ssl
sudo chown -R root:root /etc/nginx/ssl
sudo chmod -R 600 /etc/nginx/ssl

sudo ls-l
返回
-rw------1根根

可用站点:


server {
    listen 443;

    ssl on;
    ssl_certificate /etc/nginx/ssl/cert_chain.crt;
    ssl_certificate_key /etc/nginx/ssl/example_com.key;
...


My
/etc/nginx/nginx.conf
不使用任何端口,这都在example.com网站中提供

重新加载NGINX时:


server {
    listen 443;

    ssl on;
    ssl_certificate /etc/nginx/ssl/cert_chain.crt;
    ssl_certificate_key /etc/nginx/ssl/example_com.key;
...



sudo systemctl重新加载nginx
sudo systemctl重新启动nginx

nginx.service的作业失败。有关详细信息,请参阅“systemctl状态nginx.service”和“journalctl-xn”。

nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled)
Active: failed (Result: exit-code) since Sun 2017-03-26 22:16:54 UTC; 5h 8min ago
Process: 3998 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
Process: 3993 ExecReload=/usr/sbin/nginx -g daemon on; master_process on; -s reload (code=exited, status=1/FAILURE)
Process: 3885 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 4000 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
Main PID: 3888 (code=exited, status=0/SUCCESS)
我发现答案是删除证书中额外的换行符和空格,这是由Comodo添加的

所以这个

...
-----END CERTIFICATE REQUEST-----

-----BEGIN CERTIFICATE REQUEST-----
...
看起来像这样

...
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
...
还请注意,复制粘贴到nano中会在行尾插入额外的空格。我改用vim。

我发现答案是删除证书中额外的换行符和空白,这是由Comodo添加的

所以这个

...
-----END CERTIFICATE REQUEST-----

-----BEGIN CERTIFICATE REQUEST-----
...
看起来像这样

...
-----END CERTIFICATE REQUEST-----
-----BEGIN CERTIFICATE REQUEST-----
...
还请注意,复制粘贴到nano中会在行尾插入额外的空格。我改用了vim。

nginx-t的结果是什么?nginx-t的结果是什么?