Hi Dave, hope you're doing well these days.
On Wed, Jun 23, 2021 at 09:29:46AM -0400, daveb wrote: > Hello, > > I'm trying to load the cert/key from a variable, based on the documentation > here: > https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate > Using this configuration: > > <snip> > server { > listen 19099 ssl; > > set $mycert "-----BEGIN CERTIFICATE----- ..."; > set $mypkey "-----BEGIN PRIVATE KEY----- ..."; > ssl_certificate "data:$mycert"; > ssl_certificate_key "data:$mypkey"; > > <snip> > > When I connect to port 19099, nginx reports this error (v 1.19.7) > > [error] 16408#0: *1 cannot load certificate "data:": PEM_read_bio_X509_AUX() > failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: > TRUSTED CERTIFICATE) while SSL handshaking, client: 127.0.0.1, server: > 0.0.0.0:19099 > > I realize that this might not be a great idea, but I don't understand why > it's not working. Can someone please explain what's wrong with the config? Shared information is not enough to understand how is a certificate and a key look like in the configuration file. My guess is all newlines have been removed, is that right? And if so, a certificate won't be handled correctly without newline breaks. -- Sergey Osokin _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx