lnmp1.7的NGINX与SSL路径不一致
通过lnmp ssl add 申请证书后,显示如下:-----END CERTIFICATE-----
Your cert is in/usr/local/acme.sh/xxxx/xxxx.cer
Your cert key is in/usr/local/acme.sh/xxx/xxx.key
The intermediate CA cert is in/usr/local/acme.sh/xxx/ca.cer
And the full chain certs is there:/usr/local/acme.sh/xxx/fullchain.cer
Run reload cmd: /etc/init.d/nginx reload
Reload nginx... nginx: conflicting server name "xxxx" on 0.0.0.0:80, ignored
done
Reload success
Let's Encrypt SSL Certificate create successfully.
Create dhparam.pem...
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
................................................+.........+.........................................................................................................................................................++*++*++*++*
Test Nginx configure file......
nginx: cannot load certificate "/usr/local/nginx/conf/ssl/xxx/fullchain.cer": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/nginx/conf/ssl/xxxx/fullchain.cer','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
Reload Nginx......
nginx: cannot load certificate "/usr/local/nginx/conf/ssl/xxxx/fullchain.cer": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/nginx/conf/ssl/xxx/fullchain.cer','r') error:2006D080:BIO routines:BIO_new_file:no such file)
进行到这一步,ssl证书已经申请成功,并且按照lnmp开发者的逻辑应该已经被复制到/usr/local/nginx/conf/ssl目录下,但是,实际上这一步并没有完成,该目录下并没有ssl证书导致nginx启动失败。
生成证书就是直接生成到 /usr/local/nginx/conf/ssl 下的
提示的xxx的域名添加了多次
cat /usr/local/acme.sh/account.conf 看一下CERT_HOME是否自行更改了目录
页:
[1]