Nginx won't start after https configuration
784 views
Skip to first unread message
Rob Johnson
Aug 29, 2017, 7:15:14 PM8/29/17
to BigBlueButton-Setup
I am working on a new 1.1 installation. I have completed all of the steps, but Nginx fails on restart The lines below in bold are what I added to sites-available/bigbluebutton.
server {
server_name bbbwcs.etusd.org;
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/nginx/ssl/bbbwcs.etusd.org.crt;
ssl_certificate_key /etc/nginx/ssl/bbwcs.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!AES256";
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhp-2048.pem;
[...]
When I look at /var/log/nginx/error.log, I see:
2017/08/29 16:04:19 [emerg] 15609#15609: unknown directive "[...]" in /etc/nginx/sites-enabled/bigbluebutton:17
If I remove the lines I added to sites-available/bigbluebutton, nginx starts again without a problem. I would appreciate any help sorting this out.
Rob
server {
server_name bbbwcs.etusd.org;
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/nginx/ssl/bbbwcs.etusd.org.crt;
ssl_certificate_key /etc/nginx/ssl/bbwcs.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!AES256";
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhp-2048.pem;
[...]
When I look at /var/log/nginx/error.log, I see:
2017/08/29 16:04:19 [emerg] 15609#15609: unknown directive "[...]" in /etc/nginx/sites-enabled/bigbluebutton:17
If I remove the lines I added to sites-available/bigbluebutton, nginx starts again without a problem. I would appreciate any help sorting this out.
Rob
Fred Dixon
Aug 29, 2017, 7:24:31 PM8/29/17
to bigbluebu...@googlegroups.com
Hi Rob,
For comparison, here's the first few lines from our demo server at https://demo.bigbluebutton.org/
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/demo.bigbluebutton.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/demo.bigbluebutton.org/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!AES256";
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/ssl/dhp-2048.pem;
Try copying our your lines to an plain text editor, then pasting them back in (this should clear out any hidden characters that might be causing an issue).
Regards,... Fred
--
You received this message because you are subscribed to the Google Groups "BigBlueButton-Setup" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-setup+unsubscribe...@googlegroups.com.
To post to this group, send email to bigbluebutton-setup@googlegroups.com.
Visit this group at https://groups.google.com/group/bigbluebutton-setup.
For more options, visit https://groups.google.com/d/optout.
BigBlueButton Developer
@bigbluebutton
Sri Vishnu
Aug 29, 2017, 10:15:41 PM8/29/17
to BigBlueButton-Setup
Hi Rob,
Regards,
Srivishnu.K
Rob Johnson
Aug 30, 2017, 4:15:53 PM8/30/17
to BigBlueButton-Setup
Thank you Fred and Sri. Removing the [...] fixed my issue.
Reply all
Reply to author
Forward
0 new messages