时间戳

首页 > 解决方案 > Nginx PEM_read_bio_X509 PEM_read_bio:错误的结束行

ssl - Nginx PEM_read_bio_X509 PEM_read_bio:错误的结束行

问题描述

无法破解为什么会这样。证书捆绑文件似乎正确但正在接收PEM routines:PEM_read_bio:bad end line

-----BEGIN CERTIFICATE-----
MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
MjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2Jh
bCBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNIfL7zBYZd
W9UvhU5L4IatFaxhz1uvPmoKR/uadpFgC4przc/cV35gmAvkVNlW7SHMArZagV+X
au4CLyMnuG3UsOcGAngLH1ypmTb+u6wbBfpXzYEQQGfWMItYNdSWYb7QjHqXnxr5
IuYUL6nG6AEfq/gmD6yOTSwyOR2Bm40cZbIc22GoiS9g5+vCShjEbyrpEJIJ7RfR
ACvmfe8EiRROM6GyD5eHn7OgzS+8LOy4g2gxPR/VSpAQGQuBldYpdlH5NnbQtwl6
OErXb4y/E3w57bqukPyV93t4CTZedJMeJfD/1K2uaGvG/w/VNfFVbkhJ+Pi474j4
8V4Rd6rfArMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P
AQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j
c3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmw0LmRp
Z2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwPQYD
VR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
ZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFCRuKy3QapJRUSVpAaqaR6aJ50AgMB8GA1Ud
IwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQAL
OYSR+ZfrqoGvhOlaOJL84mxZvzbIRacxAxHhBsCsMsdaVSnaT0AC9aHesO3ewPj2
dZ12uYf+QYB6z13jAMZbAuabeGLJ3LhimnftiQjXS8X9Q9ViIyfEBFltcT8jW+rZ
8uckJ2/0lYDblizkVIvP6hnZf1WZUXoOLRg9eFhSvGNoVwvdRLNXSmDmyHBwW4co
atc7TlJFGa8kBpJIERqLrqwYElesA8u49L3KJg6nwd3jM+/AVTANlVlOnAM2BvjA
jxSZnE0qnsHhfTuvcqdFuhOWKU4Z0BqYBvQ3lBetoxi6PrABDJXWKTUgNX31EGDk
92hiHuwZ4STyhxGs6QiA1213PQJWENMASDASDDDAA
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
MjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2Jh
CTq4G+zb43X1T77nJgSOI9pq/TqCwtukZ7u9VLL3JAq3Wdy2moKLvvC8tVmRzkAe
0xQCkRKIjbBG80MSyDX/R4uYgj6ZiNT/Zg6GI6RofgqgpDdssLc0XIRQEotxIZcK
zP3pGJ9FCbMHmMLLyuBd+uCWvVcF2ogYAawufChS/PT61D9rqzPRS5I2uqa3tmIT
44JhJgWhBnFMb7AGQkvNq9KNS9dd3GWc17H/dXa1enoxzWjE0hBdFjxPhUb0W3wi
8o34/m8Fxw==
-----END CERTIFICATE-----

配置文件

server {
    listen      443 ssl;
    ssl_certificate /etc/nginx/bundle.crt;
    ssl_certificate_key /etc/nginx/abc-private.key;
    server_name localhost;
    location / {
        index index.html;
    }
    error_log  /var/log/nginx/auth-api-error.log;
    access_log /var/log/nginx/auth-api-access.log;
}

启动 nginx 时 /var/log/nginx/error.log 出错

2020/01/07 17:13:32 [emerg] 4267#4267: cannot load certificate "/etc/nginx/bundle.crt": PEM_read_bio_X509() failed (SSL: error:0906D066:PEM routines:PEM_read_bio:bad end line)

标签: sslnginxopensslssl-certificate

解决方案

有时,在初始 SSL 证书安装或更新期间,连接命令会损坏证书代码并重新加载 Nginx 的配置文件会导致此错误:

Nginx/Apache 错误:0906D066:PEM 例程:PEM_read_bio:bad end line

如果我们打开一个包含连接证书代码的文件,我们可以看到一个证书的结束标签 -----END CERTIFICATE----- 和另一个证书的开始标签 -----BEGIN CERTIFICATE----- 是加入一行:

开始证书 结束证书 合并连接

问题修复非常简单:使用您选择的文本编辑器(例如,基于 Linux 的操作系统上的 Nano 或 vim,Windows 上的记事本,Mac OS X 上的 Textedit)并在两个证书代码之间创建一个换行符,所以那 -----BEGIN CERTIFICATE----- 标记从下一行开始:

固定级联证书

确保在页脚和页眉的开头和结尾计算五个破折号。保存文件并退出文本编辑器。

可以使用以下命令之一重新加载 Nginx 配置文件:

nginx -s reload

或服务 nginx 重新加载

服务器应该从现在开始提供 HTTPS,没有任何问题。

参考: https ://www.namecheap.com/support/knowledgebase/article.aspx/9855/2238/nginxapache-error-0906d066pem-routinespem_read_biobad-end-line/

推荐阅读