时间戳

首页 > 解决方案 > Nginx 无法访问 SSL 证书

docker - Nginx 无法访问 SSL 证书

问题描述

尝试使用 NGINX 和 DOCKER 设置 HTTPS 服务器。检查 nginx 配置文件时不断收到相同的错误nginx -t

2020/11/13 13:37:52 [emerg] 6#6: cannot load certificate "/etc/nginx/certs/cert.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/nginx/certs/cert.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx: [emerg] cannot load certificate "/etc/nginx/certs/cert.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/nginx/certs/cert.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx: configuration file /etc/nginx/nginx.conf test failed

certs尝试将dir复制到etc/nginxin 中Dockerfile,但没有成功:

Dockerfile

FROM node:latest as build-stage
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY ./ .
RUN npm run build

FROM nginx as production-stage
RUN mkdir /app
COPY --from=build-stage /app/dist /app
COPY certs /etc/nginx
COPY nginx.conf /etc/nginx/nginx.conf
RUN nginx -t

也尝试设置 docker 卷,但仍然是同样的错误。

nginx.conf

user  nginx;
worker_processes  1;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;
events {
  worker_connections  1024;
}
http {
  include       /etc/nginx/mime.types;
  default_type  application/octet-stream;
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
  access_log  /var/log/nginx/access.log  main;
  sendfile        on;
  keepalive_timeout  65;
  server {
    listen 80 default_server;
    server_name test;
    return 301 https://$server_name$request_uri;
  }
  server {
    listen 443 ssl;
    server_name test;
    ssl_certificate certs/cert.crt;
    ssl_certificate_key certs/cert.key;
    location / {
      root   /app;
      index  index.html;
      try_files $uri $uri/ /index.html;
    }
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
      root   /usr/share/nginx/html;
    }
  }
}

PS 权限certs设置为 444

chmod -R 444 certs

标签: dockersslnginxhttpsdocker-compose

解决方案

推荐阅读