错误 nginx cannot load certificate path/fullchain.pem 删除认证后测试NGINX服务时会出现 Let’s Encrypt 生成 Certbot。
内容
在服务器中,错误看起来像:
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/example.com/fullchain.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/example.com/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed背景EROARE NGINX
在上一篇文章中,我展示了如何删除服务器中托管的字段,但过去不再活跃。 删除旧域certbot证书(让我们加密证书)。
当您删除仍在服务器上托管的活动字段的SSL证书时,按顺序托管: sudo certbot delete,证书会自动删除,但在会话中保持活跃,直到服务重新启动 nginx。在Ningin -T命令(服务测试)上,您可能会使测试失败,以免上述错误。但是解决方案非常简单。
修复nginx:[Empry]无法加载证书FullChain.PEM
安装SSL证书时 Let’s Encrypt 在争吵中,在域的NGINX的配置文件中,有些行指示证书的存在。删除证书时,该行保留在Ningin配置中,必须手动删除。我的意思是以下行:
.....
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name example.com www.example.com;
listen 80;
return 404; # managed by Certbot从取消SSL证书的字段的confg ninx文件中删除这些行后,执行订单 nginx -t 检查一切是否还可以。
[root@server]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@server]# 现在您可以安全地重新启动服务 nginx。
