ssl - Nginx PEM_read_bio_X509 PEM_read_bio:错误的结束行
问题描述
无法破解为什么会这样。证书捆绑文件似乎正确但正在接收PEM routines:PEM_read_bio:bad end line
-----BEGIN CERTIFICATE-----
MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
MjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2Jh
bCBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNIfL7zBYZd
W9UvhU5L4IatFaxhz1uvPmoKR/uadpFgC4przc/cV35gmAvkVNlW7SHMArZagV+X
au4CLyMnuG3UsOcGAngLH1ypmTb+u6wbBfpXzYEQQGfWMItYNdSWYb7QjHqXnxr5
IuYUL6nG6AEfq/gmD6yOTSwyOR2Bm40cZbIc22GoiS9g5+vCShjEbyrpEJIJ7RfR
ACvmfe8EiRROM6GyD5eHn7OgzS+8LOy4g2gxPR/VSpAQGQuBldYpdlH5NnbQtwl6
OErXb4y/E3w57bqukPyV93t4CTZedJMeJfD/1K2uaGvG/w/VNfFVbkhJ+Pi474j4
8V4Rd6rfArMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P
AQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j
c3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmw0LmRp
Z2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwPQYD
VR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFCRuKy3QapJRUSVpAaqaR6aJ50AgMB8GA1Ud
IwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQAL
OYSR+ZfrqoGvhOlaOJL84mxZvzbIRacxAxHhBsCsMsdaVSnaT0AC9aHesO3ewPj2
dZ12uYf+QYB6z13jAMZbAuabeGLJ3LhimnftiQjXS8X9Q9ViIyfEBFltcT8jW+rZ
8uckJ2/0lYDblizkVIvP6hnZf1WZUXoOLRg9eFhSvGNoVwvdRLNXSmDmyHBwW4co
atc7TlJFGa8kBpJIERqLrqwYElesA8u49L3KJg6nwd3jM+/AVTANlVlOnAM2BvjA
jxSZnE0qnsHhfTuvcqdFuhOWKU4Z0BqYBvQ3lBetoxi6PrABDJXWKTUgNX31EGDk
92hiHuwZ4STyhxGs6QiA1213PQJWENMASDASDDDAA
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
MjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2Jh
CTq4G+zb43X1T77nJgSOI9pq/TqCwtukZ7u9VLL3JAq3Wdy2moKLvvC8tVmRzkAe
0xQCkRKIjbBG80MSyDX/R4uYgj6ZiNT/Zg6GI6RofgqgpDdssLc0XIRQEotxIZcK
zP3pGJ9FCbMHmMLLyuBd+uCWvVcF2ogYAawufChS/PT61D9rqzPRS5I2uqa3tmIT
44JhJgWhBnFMb7AGQkvNq9KNS9dd3GWc17H/dXa1enoxzWjE0hBdFjxPhUb0W3wi
8o34/m8Fxw==
-----END CERTIFICATE-----
配置文件
server {
listen 443 ssl;
ssl_certificate /etc/nginx/bundle.crt;
ssl_certificate_key /etc/nginx/abc-private.key;
server_name localhost;
location / {
index index.html;
}
error_log /var/log/nginx/auth-api-error.log;
access_log /var/log/nginx/auth-api-access.log;
}
启动 nginx 时 /var/log/nginx/error.log 出错
2020/01/07 17:13:32 [emerg] 4267#4267: cannot load certificate "/etc/nginx/bundle.crt": PEM_read_bio_X509() failed (SSL: error:0906D066:PEM routines:PEM_read_bio:bad end line)
解决方案
有时,在初始 SSL 证书安装或更新期间,连接命令会损坏证书代码并重新加载 Nginx 的配置文件会导致此错误:
如果我们打开一个包含连接证书代码的文件,我们可以看到一个证书的结束标签 -----END CERTIFICATE----- 和另一个证书的开始标签 -----BEGIN CERTIFICATE----- 是加入一行:
问题修复非常简单:使用您选择的文本编辑器(例如,基于 Linux 的操作系统上的 Nano 或 vim,Windows 上的记事本,Mac OS X 上的 Textedit)并在两个证书代码之间创建一个换行符,所以那 -----BEGIN CERTIFICATE----- 标记从下一行开始:
确保在页脚和页眉的开头和结尾计算五个破折号。保存文件并退出文本编辑器。
可以使用以下命令之一重新加载 Nginx 配置文件:
nginx -s reload
或服务 nginx 重新加载
服务器应该从现在开始提供 HTTPS,没有任何问题。
推荐阅读
- python - Python 与嵌套 for 循环的混淆
- c# - 为什么我的登录表单一直显示错误的密码/电子邮件
- django-models - 布尔字段未在 Django db 中更新
- angular - 离子5中的反应形式日期选择器
- javascript - 当按钮具有类时,单击事件在 JQuery 中不起作用
- swiftui - 在 SwiftUI 的 UINavigationItem 按钮中添加返回图标和“返回”文本
- python - 如果在两个列表中找到相同的字符,如何返回 True?
- html - 单击css html后更改图像
- mongodb - 如何绕过 mongoDB 中的 $filter?
- android-studio - 自定义 'fontFamily' 在 Flutter 中不起作用