Opened 11 years ago
Closed 5 years ago
Last modified 20 months ago
#178 closed defect (fixed)
listen with ssl but missing ssl_certificate is not detected by nginx -t
|Reported by:||Gunnlaugur Þór Briem||Owned by:||somebody|
|uname -a:||Linux stimpy.datamarket.net 2.6.26-2-amd64 #1 SMP Wed Sep 21 03:36:44 UTC 2011 x86_64 GNU/Linux|
nginx version: nginx/1.2.1
built by gcc 4.3.2 (Debian 4.3.2-1.1)
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-http_ssl_module --with-http_stub_status_module
I just added the line:
listen 443 ssl;
to one of my extra (non-production) vhosts, but forgot to add the
That's my mistake. But
nginx -t did not catch the mistake, and
nginx -s reload did apply the changed configuration ... and our production site (which also has
listen 443 ssl;) now failed all HTTPS requests with:
2012/06/15 17:21:35 [error] 18931#0: *2322994 no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: xxx.xxx.xx.xxx, server: 0.0.0.0:443
Usually nginx does catch my config mistakes at parse time and thus prevents me from breaking things. I think it could and should have done so in this instance too.
Change History (7)
comment:1 by , 7 years ago
|Status:||new → accepted|
comment:2 by , 7 years ago
comment:3 by , 7 years ago
See also #1107.
comment:4 by , 5 years ago
comment:5 by , 5 years ago
|Status:||accepted → closed|
comment:6 by , 5 years ago
See also #1601.
comment:7 by , 20 months ago
See also #2257.
Note: See TracTickets for help on using tickets.
See also #1073.