search

digitalocean / nginxconfig.io

⚙️ NGINX config generator on steroids 💉
https://do.co/nginxconfig
MIT License
27.42k stars 2.01k forks source link

Getting `"[emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in webiste.conf` #432

Closed maskeynihal closed 9 months ago

maskeynihal commented 1 year ago

Information

It's related to script and nginx

Help request

Problem

After "SSL Init" step, and running command for "Comment out SSL related directives in the configuration: ", sudo nginx -t fails with error message [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in webiste.conf

What I have tried

I had to comment out the whole server block that contains listen 443 to solve the issue. Only then the nginx config is correct and certbot can be used to generate certificate.

I am thinking ssl off command is not disabling the whole server block ssl.

Screenshots

MattIPv4 commented 1 year ago

What does your listen definition(s) look like after running that first sed command? What OS are you on?

maskeynihal commented 1 year ago 
server {
    ssl off;
    listen                  443; # ssl http2;
    listen                  [::]:443; # ssl http2;
    server_name             example-server.example.com;
    set                     $base /var/www/example-server.example.com;
    root                    $base/current/public;

    # SSL
    #;#ssl_certificate         /etc/letsencrypt/live/example-server.example.com/fullchain.pem;
    #;#ssl_certificate_key     /etc/letsencrypt/live/example-server.example.com/privkey.pem;
    #;#ssl_trusted_certificate /etc/letsencrypt/live/example-server.example.com/chain.pem;

    # security
    include                 nginxconfig.io/security.conf;

    # logging
    access_log              /var/log/nginx/access.log combined buffer=512k flush=1m;
    error_log               /var/log/nginx/error.log warn;

    # index.php
    index                   index.php;

    # index.php fallback
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # additional config
    include nginxconfig.io/general.conf;

    # handle .php
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
        include      nginxconfig.io/php_fastcgi.conf;
    }
}

# subdomains redirect
server {
    ssl off;
    listen                  443; # ssl http2;
    listen                  [::]:443; # ssl http2;
    server_name             *.example-server.example.com;

    # SSL
    #;#ssl_certificate         /etc/letsencrypt/live/example-server.example.com/fullchain.pem;
    #;#ssl_certificate_key     /etc/letsencrypt/live/example-server.example.com/privkey.pem;
    #;#ssl_trusted_certificate /etc/letsencrypt/live/example-server.example.com/chain.pem;
    return                  301 https://example-server.example.com$request_uri;
}

# HTTP redirect
server {
    ssl off;
    listen      80;
    listen      [::]:80;
    server_name .example-server.example.com;
    include     nginxconfig.io/letsencrypt.conf;

    location / {
        return 301 https://example-server.example.com$request_uri;
    }
}

OS: Distributor ID: Ubuntu Description: Ubuntu 20.04.6 LTS Release: 20.04 Codename: focal

nginx version: nginx/1.24.0

maskeynihal commented 1 year ago

I created a new config today, and the new config is working fine.

MattIPv4 commented 9 months ago

Closing as not reproducible -- the shared config has no active listen ssl in it.