VPS侦探论坛

 找回密码
 注册
查看: 4617|回复: 8

nginx: [emerg] cannot load certificate PEM_read_bio_X509() failed

[复制链接]
发表于 2022-9-15 14:17:38 | 显示全部楼层 |阅读模式

本帖最后由 neal 于 2022-9-15 14:22 编辑

安装好 Let'sEncrypt 免费通配符/泛域名SSL证书后,重启nginx报错    使用的是lnmp1.9


nginx: [emerg] cannot load certificate "/usr/local/nginx/conf/ssl/fullchain.cer": PEM_read_bio_X509() failed
nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed

nginx版本信息如下:

[root@VM-0-13-centos ~]# nginx -V
nginx version: nginx/1.22.0
built by gcc 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
built with OpenSSL 1.1.1o  3 May 2022
TLS SNI support enabled
configure arguments: --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-openssl=/root/lnmp1.9/src/openssl-1.1.1o --with-openssl-opt='enable-weak-ssl-ciphers' --with-ld-opt='-ljemalloc' --add-module=/root/nginx-let-module


使用openssl 查看是正常的
openssl x509 -in /usr/local/nginx/conf/ssl/fullchain.cer -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:7c:44:38:b0:63:5a:e0:37:96:8e:36:81:51:20:cd:9f:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Sep 15 01:45:47 2022 GMT
            Not After : Dec 14 01:45:46 2022 GMT
        Subject: CN=mingshishaobing.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:




美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
发表于 2022-9-15 19:41:21 | 显示全部楼层


生成的ssl证书是在 /usr/local/nginx/conf/ssl/域名/ 目录下
检查配置文件是否正确配置,ssl_certificate 为 路径+fullchain.cer , ssl_certificate_key 为 key的 路径+文件名
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
 楼主| 发表于 2022-9-16 14:45:34 | 显示全部楼层

licess 发表于 2022-9-15 19:41
生成的ssl证书是在 /usr/local/nginx/conf/ssl/域名/ 目录下
检查配置文件是否正确配置,ssl_certificate  ...

路径检查了 都是没有问题的  

上面路径 我把域名给去掉了
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
 楼主| 发表于 2022-9-16 14:48:06 | 显示全部楼层



licess 发表于 2022-9-15 19:41
生成的ssl证书是在 /usr/local/nginx/conf/ssl/域名/ 目录下
检查配置文件是否正确配置,ssl_certificate  ...

从 阿里云上申请的证书  也是报这个错误信息  证书路径全是正确的
openssl x509 -in /usr/local/nginx/conf/ssl/fullchain.cer -text -noout  检测也是正常的  就是重启nginx的时候 报错
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
发表于 2022-9-16 21:17:17 | 显示全部楼层

neal 发表于 2022-9-16 14:48
从 阿里云上申请的证书  也是报这个错误信息  证书路径全是正确的
openssl x509 -in /usr/local/nginx/co ...

自己动过证书文件吗?
一般 PEM_read_bio_X509() failed 后面还会有更详细的错误信息

军哥运维代购:http://shop63846532.taobao.com/

 楼主| 发表于 2022-9-19 11:07:17 | 显示全部楼层

证书没改过     Let'sEncrypt 证书安装好之后  重启nginx之后 就出现这种情况了
阿里云的申请的证书 也是直接上传的 没有编辑过

重启之后   
nginx: [emerg] cannot load certificate "/usr/local/nginx/conf/ssl/fullchain.cer": PEM_read_bio_X509() failed
nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
就这两行错误
 楼主| 发表于 2022-9-19 11:11:15 | 显示全部楼层

本帖最后由 neal 于 2022-9-19 11:14 编辑

nginx 错误日志
PEM_read_bio_X509() failed  也只有这个错误


2022/09/14 20:05:02 [notice] 5729#0: signal process started
2022/09/14 20:06:04 [notice] 5998#0: signal process started
2022/09/15 11:41:57 [emerg] 29923#0: cannot load certificate "/usr/local/nginx/conf/ssl/mingshishao.com/fullchain.cer": PEM_read_bio_X509() failed
2022/09/15 11:44:44 [emerg] 30472#0: cannot load certificate "/usr/local/nginx/conf/ssl/mingshishao.com/fullchain.cer": PEM_read_bio_X509() failed
2022/09/15 11:50:02 [emerg] 31532#0: cannot load certificate "/usr/local/nginx/conf/ssl/mingshishao.com/fullchain.cer": PEM_read_bio_X509() failed
2022/09/15 11:52:22 [emerg] 31987#0: cannot load certificate "/usr/local/nginx/conf/ssl/mingshishao.com/fullchain.cer": PEM_read_bio_X509() failed
2022/09/15 13:57:24 [emerg] 25148#0: cannot load certificate "/usr/local/nginx/conf/ssl/mingshishao.com/fullchain.cer": PEM_read_bio_X509() failed
2022/09/15 14:13:43 [emerg] 28393#0: cannot load certificate "/usr/local/nginx/conf/ssl/mingshishao.com/fullchain.cer": PEM_read_bio_X509() failed

美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
发表于 2022-9-19 14:10:43 | 显示全部楼层

neal 发表于 2022-9-19 11:11
nginx 错误日志
PEM_read_bio_X509() failed  也只有这个错误

按现有信息看不确定什么问题
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
 楼主| 发表于 2022-9-22 09:58:31 | 显示全部楼层


licess 发表于 2022-9-19 14:10
按现有信息看不确定什么问题

谢谢军哥

军哥运维代购:http://shop63846532.taobao.com/

您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-12-25 12:53 , Processed in 0.028458 second(s), 16 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表