id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 610 SSL parser bug while parsing SSL key/pem/crt file with BOM in windows system version 家靖 陆 "Hi: When the nginx parsing ssl key/pem/crt file -- if these files are started with BOM which is an ordinary situation in windows-- nginx is unable to parse the ssl key header such as: {{{ -----BEGIN CERTIFICATE----- }}} and throw the Bug: {{{ nginx: [emerg] SSL_CTX_use_PrivateKey_file(""D:/DevTools/nginx-1.6.0/conf/server. key"") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expect ing: ANY PRIVATE KEY error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib) }}} After converting the charset to UTF-8 without BOM , it has passed... so i think someone would better add trim function to filter the BOM(such as regExp \uFEFF), so we can easily use the ssl module.. this type of bug may not be easily found and debug" defect closed minor 1.6.2 nginx-module 1.6.x wontfix ssl bom windows 7 X86_64 "nginx version: nginx/1.6.0 TLS SNI support enabled configure arguments: --with-cc=cl --builddir=objs.msvc8 --with-debug --prefix= - -conf-path=conf/nginx.conf --pid-path=logs/nginx.pid --http-log-path=logs/access .log --error-log-path=logs/error.log --sbin-path=nginx.exe --http-client-body-te mp-path=temp/client_body_temp --http-proxy-temp-path=temp/proxy_temp --http-fast cgi-temp-path=temp/fastcgi_temp --http-scgi-temp-path=temp/scgi_temp --http-uwsg i-temp-path=temp/uwsgi_temp --with-cc-opt=-DFD_SETSIZE=1024 --with-pcre=objs.msv c8/lib/pcre-8.34 --with-zlib=objs.msvc8/lib/zlib-1.2.8 --with-select_module --wi th-http_realip_module --with-http_addition_module --with-http_sub_module --with- http_dav_module --with-http_stub_status_module --with-http_flv_module --with-htt p_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-htt p_auth_request_module --with-http_random_index_module --with-http_secure_link_mo dule --with-mail --with-openssl=objs.msvc8/lib/openssl-1.0.1h --with-openssl-opt =enable-tlsext --with-http_ssl_module --with-mail_ssl_module --with-ipv6"