nginx 証明書設置エラーで起動しません。。。
久しぶりに証明書更新を利用しようとして、
CSRからごにゃごにゃ証明書作ってnxinx側へインストールしようとしたら
起動時にずっこけた。
~# systemctl status nginx.service Active: failed (Result: exit-code) since Fri 2020-08-14 05:46:13 UTC; 1min 5s ago Docs: man:nginx(8) Process: 22773 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS) Process: 21790 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 22892 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE) Main PID: 21792 (code=exited, status=0/SUCCESS) Aug 14 05:46:13 ip-172-31-xx-xxx systemd[1]: Starting A high performance web server and a reverse proxy server... Aug 14 05:46:13 ip-172-31-xx-xxx nginx[22892]: Enter PEM pass phrase: Aug 14 05:46:13 ip-172-31-xx-xxx nginx[22892]: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/nginx/ssl/2020.ssl.globalsign.com.key") failed (SSL: error:2807106B:UI routines:UI_process:processing error :while reading strings error:0906406D:PEM routines:PEM_def_callback:problems getting password error:0906A068:PEM routines:PEM_do_header:bad password read error:140B0009:SSL routines:SSL_CTX_use_PrivateKe y_filAug 14 05:46:13 ip-172-31-xx-xxx nginx[22892]: nginx: configuration file /etc/nginx/nginx.conf test failed Aug 14 05:46:13 ip-172-31-xx-xxx systemd[1]: nginx.service: Control process exited, code=exited status=1 Aug 14 05:46:13 ip-172-31-xx-xxx systemd[1]: nginx.service: Failed with result 'exit-code'. Aug 14 05:46:13 ip-172-31-xx-xxx systemd[1]: Failed to start A high performance web server and a reverse proxy server.
これが参考になった。
qiita.com
バックアップを取って、パスフレーズを外すとうまくいった!!
# openssl rsa -in 2020.ssl.globalsign.com.key -out 2020.ssl.globalsign.com.key Enter pass phrase for 2020.ssl.globalsign.com.key: writing RSA key # systemctl restart nginx