Reputation: 1307
no "ssl_certificate" is defined for the "listen ... ssl" directive
I am trying to configure nginx server for my website. I am using the following code to configure my server. It works if I add default_server for my www.fastenglishacademy.fr (443) server block.
But in that case, All my subdomains also brings the content of www.fastenglishacademy.fr
And if I remove the default_server, I get the following error:
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/fastenglishacademy.fr.conf:14
nginx: configuration file /etc/nginx/nginx.conf test failed
My nginx configuration codes:
server {
listen 80;
listen [::]:80;
server_name fastenglishacademy.fr;
return 301 https://www.fastenglishacademy.fr$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name www.fastenglishacademy.fr;
return 301 https://www.fastenglishacademy.fr$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name fastenglishacademy.fr;
return 301 https://www.fastenglishacademy.fr$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
root /media/fea/www/fastenglishacademy.com;
index index.html index.htm index.nginx-debian.html;
server_name www.fastenglishacademy.fr;
location / {
etag on;
try_files $uri$args $uri$args/ /index.html;
}
location ~* \.(jpg|jpeg|png|gif|ico|ttf|woff2|woff|svg)$ {
expires 365d;
}
location ~* \.(css|js)$ {
expires 30d;
}
location ~* \.(pdf)$ {
expires 15d;
}
#WARNING: Please read before adding the lines below!
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
# SSL Certificates
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl_trusted_certificate /path/to/chain.pem;
}
My links:
https://www.fastenglishacademy.fr/
https://api.fastenglishacademy.fr/
Upvotes: 32
Views: 78438
Answers (3)
Reputation: 2230
In my case, the file in the error message had nothing to do with the error.
The actual error message was:
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/default:21
But my "default" website was only listening on http, and no ssl directive was specified.
However, I added a new website and specified:
listen 80 ssl;
Without adding the ssl_certificate. Removing "ssl" in the new website solved the issue.
Upvotes: 0
Reputation: 17
Had the same problem. Adding directive
ssl on;
solved my problem.
Upvotes: -5
Reputation: 16740
Your server section is missing ssl_certificate and ssl_certificate_key declarations.
You need to have a .crt and a .key file to run with ssl.
It should looks like
server {
listen 80;
listen 443 default_server ssl;
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
... other declarations
}
Upvotes: 36
Related Questions
- Nginx , LetsEncrypt - [emerg] "ssl_certificate" directive is not allowed here in /etc/nginx/sites-enabled/example.com.conf:33 nginx:
- nginx listen ... ssl directive error, but there is no ssl directive set
- NGINX + Let's encrypt: Could not automatically find a matching server block
- NGINX SSL certificate permission SSL error :0200100D:system
- Unable to set HTTPS using LetsEncrypt in Nginx server
- How to config ssl_trusted_certificate of Let’s Encrypt?
- LetsEncrypt on Nginx NET::ERR_CERT_COMMON_NAME_INVALID
- SSL Let's Encrypt installation not working on NGINX at AWS EC2
- NGINX won't listen on port 443
- How to install a letsencrypt cert with nginx?