Welcome! Log In Create A New Profile

Advanced

NGINX does not re-start when configured with SSL certificate that depends on external SSL server that went down

Posted by hkahlouche 
Forum List Message List New Topic
hkahlouche
NGINX does not re-start when configured with SSL certificate that depends on external SSL server that went down
March 27, 2017 05:29PM
I have an NGINX configuration with both HTTP and HTTPS traffic server blocks. Below is the HTTPS server block configuration snippet that is causing the problem.

server {
listen 10.1.1.5:443 default ssl;
listen 10.1.1.6:8080;

server_name myservice.traffic.dns.tmp;

ssl_certificate /etc/config/ssl/myservice.traffic.cert.pem;
ssl_certificate_key engine:name:myservice.traffic;
}

The external SSL server named "engine:name" is used to get the SSL certificate key. Initially, NGINX starts successfully. When the external SSL server goes down, if I try to restart NGINX, the restart fails because NGINX cannot connect with the external SSL server.

nginx: [emerg] ENGINE_load_private_key("385.1") failed
ENGINE_load_private_key:failed loading private key

This creates a "Hard" dependency on an external service.
How could I continue to serve my HTTP traffic even when the SSL external server is down? I would like to make nginx restart to succeed even when the external SSL server is down.

Thanks
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 284
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready