search

macbre / docker-nginx-http3

Stable and up-to-date root-less nginx with quic + http/3, google brotli compression, njs, GeoIP2, and Grade A+ SSL config
https://hub.docker.com/r/macbre/nginx-http3
158 stars 52 forks source link

can not load certificate key, but officail nginx can load certificate key #128

Open Kennytian opened 6 months ago

Kennytian commented 6 months ago 
Environment: 
Ubuntu 20
Docker version 24.0.7

2023/12/27 01:02:33 [emerg] 32#32: cannot load certificate key "/etc/nginx/./../ssl/my.key": BIO_new_file() failed (SSL: error:0200000d:system library:OPENSSL_internal:Permission denied:fopen('/etc/nginx/./../ssl/my.key','r') error:11000070:BIO routines:OPENSSL_internal:SYS_LIB) nginx: [emerg] cannot load certificate key "/etc/nginx/./../ssl/my.key": BIO_new_file() failed (SSL: error:0200000d:system library:OPENSSL_internal:Permission denied:fopen('/etc/nginx/./../ssl/my.key','r') error:11000070:BIO routines:OPENSSL_internal:SYS_LIB)

Kennytian commented 6 months ago 
chmod 644 my.key

I will try it later

vincejv commented 1 week ago

official image uses root user to read/write files i used user: root so it can be used temporarily, correct fix is to chown all nginx files to nginx user or "100:101"