nginx permission denied to certificate files for ssl configuration

Solution 1:

You probably have SELinux in enforcing mode (the default for Fedora):

sestatus -v

If this is the case, check the audit logs, you should find the access error:

ausearch -m avc -ts today | audit2allow

You also probably moved the filed instead of copying it, so the security context of the file might be wrong.

ls -lrtZ /etc/nginx/demo.*

and correct it if needed:

restorecon -v -R /etc/nginx

Solution 2:

I guess it's SELinux that denies permission. Check their SELinux context. Theirs should be httpd_config_t. If not, run

restorecon /etc/nginx/demo.*

or

chcon httpd_config_t /etc/nginx/demo.*

as root.

You can check logs under /var/log/audit/ to see if it's SELinux that denies permission. You can also run

setenforce 0

to set SELinux into permissive mode. This way, SELinux still generates AVC messages (in /var/log/audit/) but permits access.

Tags:

Nginx

Ssl

Ssl Certificate

Related

`sudo echo "bla" >> /etc/sysctl.conf` permission denied Mongodb - proper way to rotate logs Is there a utility to read environment variables from an env file and then run a command (more lightweight than foreman)? check what 32-bit packages are installed on a 64-bit server ssh: "Access denied by PAM account configuration" for one non-root user but not another Is there a pseudo backup procedure to force Exchange log truncation? Is it possible to force Re-creation of EC2::Instance or RDS::DBInstance in amazon cloudformation? setting debconf selections for keyboard-configuration fails... layout ends up as Afghani Disk Capacity Planning for Whisper / Graphite How to Remove UNCHECKED Term Attached in Email Subject Area When Received How can you find the parent snapshot of a zfs clone? How can I find out why my php5-fpm failed to start?

Recent Posts