Seafile Pro SSL Certificate fails to load / Docker

Docker
1

I’ve been though the instructions, just can’t get it going.

Cloudflare Origin Cert, currently on local network as i’m setting it up before deployment.

I’ve placed the cert and key in diffrent directorys but still says no.
The port is registered for what i can see.

nginx: [emerg] cannot load certificate “/opt/seafile-data/ssl/origin-cert.pem”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(‘/opt/seafile-data/ssl/origin-cert.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)

/opt/seafile-data/ssl

/opt/seafile-data/nginx/conf/seafile.nginx.con

Auto generated at 03/11/2024 20:04:35

server {
listen 80;
server_name *******.xyz default_server;

location / {
    rewrite ^ $host$request_uri? permanent;
}

}
server {
listen 443;
ssl on;
ssl_certificate /opt/seafile-data/ssl/origin-cert.pem;
ssl_certificate_key /opt/seafile-data/ssl/origin-key.pem;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3>
server_name ********.xyz;
client_max_body_size 10m;

location / {
    proxy_pass 127.0.0.1:8000/;
    proxy_read_timeout 310s;
    proxy_set_header Host $http_host;
    proxy_set_header Forwarded "for=$remote_addr;proto=$scheme";
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Connection "";
    proxy_http_version 1.1;
    client_max_body_size 0;
    access_log      /var/log/nginx/seahub.access.log seafileformat;
    error_log       /var/log/nginx/seahub.error.log;
}

location /seafhttp {
    rewrite ^/seafhttp(.*)$ $1 break;
    proxy_pass 127.0.0.1:8082;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    client_max_body_size 0;
    proxy_connect_timeout  36000s;
    proxy_read_timeout  36000s;
    proxy_request_buffering off;
    access_log      /var/log/nginx/seafhttp.access.log seafileformat;
    error_log       /var/log/nginx/seafhttp.error.log;
}

location /notification/ping {
    proxy_pass 127.0.0.1:8083/ping;
    access_log      /var/log/nginx/notification.access.log seafileformat;
    error_log       /var/log/nginx/notification.error.log;
}

location /notification {
    proxy_pass 127.0.0.1:8083/;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    access_log      /var/log/nginx/notification.access.log seafileformat;
    error_log       /var/log/nginx/notification.error.log;
}

location /seafdav {
proxy_pass 127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 1200s;
client_max_body_size 0;

    access_log      /var/log/nginx/seafdav.access.log seafileformat;
    error_log       /var/log/nginx/seafdav.error.log;
}

location /media {
    root /opt/seafile/seafile-server-latest/seahub;
}

}

Any ideas were i’m going wrong? :cry:

2

I’ve never seen it written like that before (above). I would normally write:

listen 443 ssl;

I did a quick search and did see ssl on as an option but only in once result.

I really doubt it is your answer, but just adding it in there.

3

This is an outdated Nginx configuration. It should be listen 443 ssl in new versions. I have updated the document accordingly.

1 Like