Hi I am new to nginx. I am running Fedora Core 8 and have installed
nginx from source. I am planning on using it for it's load balancing
ability. I have it set up and working for port 80 and it is working
very nicely, but when I try to configure it for SSL I get an error.
Here is my error:
2008/09/06 18:13:19 [emerg] 9761#0: unknown directive "ssl" in /usr/
local/nginx/conf/nginx.conf:39
Here is my config:
server {
listen 443;
server_name prod2.domain.com;
ssl on;
ssl_certificate /usr/local/nginx/conf/ssl/
domain.com.myCA.merged.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/domain.com.key;
keepalive_timeout 70;
location / {
proxy_pass https://domainmain;
}
}
I have merged my CA intermediary cert with my server sert. Line 40 is
the "ssl on" line.
Here are my comfigure arguments:
strings `which nginx` | grep 'configure arguments'
configure arguments: --user=nginx --group=nginx --prefix=/usr/share/
nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --
error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/
access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-
path=/var/lib/nginx/tmp/fastcgi --pid-path=/var/run/nginx.pid --lock-
path=/var/lock/subsys/nginx --with-http_ssl_module --with-
http_realip_module --with-http_addition_module --with-http_sub_module
--with-http_dav_module --with-http_flv_module --with-
http_gzip_static_module --with-http_stub_status_module --with-
http_perl_module --with-mail --with-mail_ssl_module --with-cc-opt=-O2 -
g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --
param=ssp-buffer-size=4 -m32 -march=i386 -mtune=generic -fasynchronous-
unwind-tables --add-module=/builddir/build/BUILD/nginx-0.6.31/nginx-
upstream-fair
Could someone help me figure out of ssl is properly compiled and and/
or tell me if this part of my config is ok?
Thanks,
James
on 07.09.2008 00:33
on 07.09.2008 00:59
Nevermind, working. WOOT! Missed a compile option. James
on 07.09.2008 01:18
Hello! On Sat, Sep 06, 2008 at 06:27:49PM -0400, James wrote: > > location / { > proxy_pass https://domainmain; > } > } > > I have merged my CA intermediary cert with my server sert. Line 40 is > the "ssl on" line. > > Here are my comfigure arguments: > > strings `which nginx` | grep 'configure arguments' JFYI: nginx -V does provide this information. > configure arguments: --user=nginx --group=nginx --prefix=/usr/share/ > nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf -- ^^^^^^^^^^^^^^^^^^^^^ Are you sure you are checking the same nginx you are running? It looks like the one you have checked with strings was compiled with '/etc/nginx/nginx.conf' default config, while the one you are running uses '/usr/local/nginx/conf/nginx.conf' config. Probably the binaries differ and the latter one wasn't configured --with-http_ssl_module. Maxim Dounin