Hello! On Thu, Jun 18, 2015 at 11:22:27PM +0200, Christ-Jan Wijtmans wrote:
> > If you want nginx to only load existing certificates, you'll have > > to teach it to do so by only using appropriate directives when > > certificates and keys are actually available. The "include" > > directive may help if you want to automate this, see > > http://nginx.org/r/include. > > I dont see how include here helps. Basically currently there is no > certificate. And i want to give the user control over the certificate > which is why i placed in ~/etc/. Which means when the user deletes it > the server wont restart. You'll have to write a script to automate checking if a user placed a certificate or not, and update nginx config appropriately. Generating a single include file is usually easier than re-generating the whole config. > >> Also i do not believe its proper to fail the entire server if one > >> server block fails. > > > > Current approach is as follows: if there is a problem with a > > configuration, nginx will refuse to use it. This way, if you'll > > make an typo in your configuration and ask nginx to reload the > > configuration, nginx will just refuse to load bad configuration > > and will continue to work with old one. This makes sure that > > nginx won't suddenly become half-working due to a typo which can > > be easily detected. > > The server config didnt fail. There was no typo. You've asked nginx to load a non-existing file. That's an obvious error which is easy to detect. The above paragraph tries to explain why the nginx behaviour is such a situation is to reject the configuration, and why this behaviour won't be changed. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
