wiki:nginx_troubleshooting
This is an old revision of the document!
Table of Contents
Nginx troubleshooting
upstream SSL certificate verify error: (21:unable to verify the first certificate) while SSL handshaking to upstream
Happened when connecting to upstream server using the self-signed certificate. Workaround can be to set proxy_ssl_verify nginx directive to off;
Better option is to add the correct certificates in the file pointed to by proxy_ssl_trusted_certificate directive. The file should contain in order, server.crt (and probably any intermediary cert if you have it) then rootCA, e.g.
/etc/ssl/certs/trusted_ca_cert.crt
-----BEGIN CERTIFICATE----- ... server.crt data ... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- ... rootCA cert data ... -----END CERTIFICATE-----
Tested on
- nginx/1.23.0
See also
References
wiki/nginx_troubleshooting.1680180797.txt.gz · Last modified: 2023/03/30 12:53 by antisa