nginx permission denied to certificate files for ssl configuration

nginx ssl ssl-certificate

You probably have SELinux in enforcing mode (the default for Fedora):

sestatus -v

If this is the case, check the audit logs, you should find the access error:

ausearch -m avc -ts today | audit2allow

You also probably moved the filed instead of copying it, so the security context of the file might be wrong.

ls -lrtZ /etc/nginx/demo.*

and correct it if needed:

restorecon -v -R /etc/nginx

I guess it's SELinux that denies permission. Check their SELinux context. Theirs should be httpd_config_t. If not, run

restorecon /etc/nginx/demo.*

or

chcon httpd_config_t /etc/nginx/demo.*

as root.

You can check logs under /var/log/audit/ to see if it's SELinux that denies permission. You can also run

setenforce 0

to set SELinux into permissive mode. This way, SELinux still generates AVC messages (in /var/log/audit/) but permits access.

Related

MySQL warning "IP address could not be resolved"
difference between _default_:* and *:* in VirtualHost Context
How can I automatically restart a Windows service if it crashes?
Common wisdom about Active Directory authentication for Linux Servers?
What is Group Policy and how does it work?
Recover RAID 5 data after created new array instead of re-using
How to wait in bash for several subprocesses to finish, and return exit code !=0 when any subprocess ends with code !=0?
document.getElementById vs jQuery $()
Append integer to beginning of list in Python [duplicate]
Setting Authorization Header of HttpClient
How do I write stderr to a file while using "tee" with a pipe?
How do I align views at the bottom of the screen?