Welcome! Log In Create A New Profile

SSL issue

Forum List Message List New Topic Print View

Victor Oppenheimer

February 11, 2024 05:18PM

Thank you so much for the help you have provided me with
nginx on my Windows 2016 server thus far.

I'm now attempting to add serving https files to my
configuration. Although I want to eventually support
a number of servers being browsed for both http and https
pages, I am starting with my oppsprops.com website.

I generated an SSL certificate and private key for the website.

I stored them at the following paths:
   C:\nginx\conf\ssl\certs\oppsprops_com.crt
   and
   C:\nginx\conf\ssl\keys\oppsprops.com.private.key

I then tried to start nginx with various versions of my
nginx.config file with differing results as described below.

I suspect that this only needs a small tweak ... but would appreciate
some guidance in addressing the issue.

Thanks,
    Victor

The following full nginx.config file with commented SSL
configuration statements serves http:\\oppsprops.com
successfully.

# directives in the 'main' context

# serves all sites http not https
# uses Adobe Tomcat to serve PDFs which must be in proper case

worker_processes auto;
events {    # events context/block
     # configuration of connection processing
            }

http {    # http context specific to HTTP affecting all virtual servers
server_names_hash_bucket_size 64; # avoid multiple server_Name entry
errors

server { # configure oppsprops server
    listen              80;
#    listen              443 ssl;
    server_name oppsprops.com www.oppsprops.com;

#    ssl_certificate c:/nginx/conf/ssl/certs/oppsprops_com.crt;
#    ssl_certificate_key c:/nginx/conf/ssl/keys/oppsprops.com.private.key;

    location /{ # process oppsprops domain using Adobe Tomcat
        proxy_pass http://127.0.0.1:8080/vo/;
        } # end of location block
    } # end of OppsProps server block

   server {    # configuration of clearwaterescapes HTTP server
    server_name clearwaterescapes.com www.clearwaterescapes.com;
    listen 80;

    # avoid errors when favicon.ico file is missing
    location = /favicon.ico {
        access_log off;
        log_not_found off;
        return 204;
    }

     location / {
      # send http://clearwaterescapes.com to Adobe Tomcat
      proxy_pass http://127.0.0.1:8080/vo/Clearwater/;
      } # end of location block
} # end of clearwaterescapes server block

server {    # configure freshpondrentals server
    server_name FreshPondRentals.com www.freshpondrentals.com;
    listen 80;

    # rewrite ^(.*)$ /$1 permanent; # Make incoming URLs lowercase

    # avoid errors when favicon.ico file is missing
    location = /favicon.ico {
        access_log off;
        log_not_found off;
        return 204;
    }

    location / {
      # proxy freshpondrentals pages to Adobe Tomcat
      proxy_pass http://127.0.0.1:8080/vo/camb/;
      } # end of location block
} # end of freshpondrentals server block

server { # configure yogisource HTTP port 80 server
    server_name yogisource.com www.yogisource.com;
    listen 80;

    location / {
      proxy_pass http://yogisource.com:81/;
      } # end of location block

} # end of yogisource server block

} # end of http block

______________________________________
Modifying the nginx.config file above to include the following statements
produce the following error.log file errors and nginx fails to start

server { # configure oppsprops server
    listen              80;
    listen              443 ssl;
    server_name oppsprops.com www.oppsprops.com;
    ssl_certificate     conf/ssl/certs/oppsprops_com.crt;
    ssl_certificate_key conf/ssl/keys/oppsprops.com.private.key;

2024/02/11 14:34:08 [emerg] 14600#11064: cannot load certificate
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt": BIO_new_file() failed
(SSL: error:02001003:system library:fopen:No such
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r')
error:2006D080:BIO routines:BIO_new_file:no such file)
2024/02/11 14:34:10 [emerg] 9048#12520: cannot load certificate
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt": BIO_new_file() failed
(SSL: error:02001003:system library:fopen:No such
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r')
error:2006D080:BIO routines:BIO_new_file:no such file)
2024/02/11 14:34:14 [emerg] 6620#16260: cannot load certificate
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt": BIO_new_file() failed
(SSL: error:02001003:system library:fopen:No such
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r')
error:2006D080:BIO routines:BIO_new_file:no such file)
2024/02/11 14:34:22 [emerg] 13008#12828: cannot load certificate
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt": BIO_new_file() failed
(SSL: error:02001003:system library:fopen:No such
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r')
error:2006D080:BIO routines:BIO_new_file:no such file)
2024/02/11 14:34:38 [emerg] 13928#1068: cannot load certificate
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt": BIO_new_file() failed
(SSL: error:02001003:system library:fopen:No such
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r')
error:2006D080:BIO routines:BIO_new_file:no such file)
2024/02/11 14:35:10 [emerg] 3664#8660: cannot load certificate
"C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt": BIO_new_file() failed
(SSL: error:02001003:system library:fopen:No such
process:fopen('C:\nginx/conf/conf/ssl/certs/oppsprops_com.crt','r')
error:2006D080:BIO routines:BIO_new_file:no such file)

_________
Modifying the nginx.config file above to include the following statements
produces no error.log errors but fails to load the page with a browser
error of:
   This site can’t be reached
   oppsprops.com refused to connect.

server { # configure oppsprops server
    listen              80;
    listen              443 ssl;
    server_name oppsprops.com www.oppsprops.com;
    ssl_certificate     ssl/certs/oppsprops_com.crt;
    ssl_certificate_key ssl/keys/oppsprops.com.private.key;

    location /{ # process oppsprops domain using Adobe Tomcat
        proxy_pass http://127.0.0.1:8080/vo/;
        } # end of location block
    } # end of OppsProps server block

_________________
Modifying the nginx.config file above to include the following statements
also produces no error.log errors but fails to load the page with a
browser error of:

   This site can’t be reached
   oppsprops.com refused to connect.

server { # configure oppsprops server
    listen              80;
    listen              443 ssl;
    server_name oppsprops.com www.oppsprops.com;
    ssl_certificate     /ssl/certs/oppsprops_com.crt;
    ssl_certificate_key /ssl/keys/oppsprops.com.private.key;

    location /{ # process oppsprops domain using Adobe Tomcat
        proxy_pass http://127.0.0.1:8080/vo/;
        } # end of location block
    } # end of OppsProps server block
______________________________
Modifying the nginx.config file above to include the following statements
also produces no error.log errors but fails to load the page with a
browser error of:
   This site can’t be reached
   oppsprops.com refused to connect.

server { # configure oppsprops server
    listen              80;
    listen              443 ssl;
    server_name oppsprops.com www.oppsprops.com;

    ssl_certificate     c:/nginx/conf/ssl/certs/oppsprops_com.crt;
    ssl_certificate_key c:/nginx/conf/ssl/keys/oppsprops.com.private.key;

    location /{ # process oppsprops domain using Adobe Tomcat
        proxy_pass http://127.0.0.1:8080/vo/;
        } # end of location block
    } # end of OppsProps server block
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
SSL issue	Victor Oppenheimer	February 11, 2024 05:18PM
RE: SSL issue	Thomas Ward via nginx	February 11, 2024 05:50PM
RE: SSL issue	Thomas Ward via nginx	February 11, 2024 05:52PM
Re: SSL issue	Victor Oppenheimer	February 11, 2024 07:46PM
Re: SSL issue	Thomas Ward via nginx	February 11, 2024 08:30PM