Nginx服务启动失败,提示SSL配置缺失的解决方法
现象描述
Nginx服务启动失败,出现“Check fail: ssl_xxx is not configured (required item)”报错,如下图所示。其中,ssl_xxx为SSL相关配置项名称。
处理步骤
Nginx启动过程中会检查如下所示安全配置项,若配置项不符合预期,将会报错。
The security configuration information for the Nginx configuration file is as follows: ---------------------------------------------------------------------------- ssl_certificate "/opt/DevKit/rsa/server.crt"; ssl_certificate_key "/opt/DevKit/rsa/pontus"; ssl_ecdh_curve X25519:X448; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_session_tickets off; ssl_protocols TLSv1.3 TLSv1.2; ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; ----------------------------------------------------------------------------
- “/opt”为DevKit工具安装目录,请以实际路径为准。
- 配置项ssl_ecdh_curve、ssl_protocols、ssl_ciphers、ssl_prefer_server_ciphers、ssl_stapling、ssl_stapling_verify需要确保已配置且对应值完全一致,其余配置项只需确保已配置,配置值不做强校验。
请根据报错信息,修改“/opt/DevKit/tools/nginx/conf/devkit_nginx.conf”配置文件中相应配置项,修改完成后重启Nginx服务。
父主题: FAQ