Level 9
Does example.crt exist in /etc/nginx/certs?
Jun 19, 2015
4
Level 13
Setting UP SSL certificate files properly - permissions
I have an Ubuntu 14.04 with only on application on it. I used openssl to create the csr & key files for a FQDN www.example.com
openssl req -new -newkey rsa:2048 -nodes -keyout example.key -out example.csr
I added the required information but I am not sure what should I do next? What permissions I should apply? What is the best practice to follow here?
when I run
sudo service nginx configtest
it fails and I get this error
BIO_new_file("/etc/ssl/certs/example.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/certs/example.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)
[Edited ] Updated to the correct error message
Level 13
I updated the above error message. The file exists in that location but I had the wrong standard as you see in the above error ( .crt ) while I generated ( .csr ). So I fixed that but now there is another issue, here is the current error message:
PEM_read_bio_X509_AUX("/etc/ssl/certs/example.csr") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
I also have a 777 permission on the ( .key & .csr ) files
Level 13
The file exists in that location but I had the wrong standard as you see in the above error ( .crt ) while I generated ( .csr ). So I fixed that ....
This does not sound right! so I investigated a bit more and it turns out once the generate .csr is verified, I get the ( .crt ) which I upload to the server. Now I do
sudo service nginx configtest
I get
Testing nginx configuration [ OK ]
Level 4
How did you solve this? @mehany
Please or to participate in this conversation.