Unknown directive SSL following nginx Upgrade
Article ID: 270746
Updated On:
Products
CA Process Automation Base
Issue/Introduction
Currently utilising Nginx version 1:1.23.4-1.e17.Nguyen.x86_64 as a load balancer for the ITPAM 04.3.05 version.
Recently, an important patching update was applied, which resulted in the upgrade of Nginx to nginx1:1.25.1-1.el7.nix.x86_64. We have encountered an issue where ITPAM does not seem to recognize these changes.
The Unix team has provided the following error message:
Updated nginx-1:1.23.4-1.el7.ngx.x86_64 @nginx Update 1:1.25.1-1.el7.ngx.x86_64 @nginx
Error reported
Jul 13 12:51:19 NGNIX-SERVER nginx[11207]: nginx: [emerg] unknown directive "ssl" in /etc/nginx/conf/secure-pam-server.conf:87
Jul 13 12:51:19 NGNIX-SERVER systemd[1]: nginx.service: control process exited, code=exited status=1
Jul 13 12:51:19 NGNIX-SERVER systemd[1]: Failed to start nginx - high performance web server.
-- Subject: Unit nginx.service has failed.
Environment
Release : 4.3
Resolution
try the following change to the file secure-pam-server.conf
- Change listen 443; to listen 443 ssl; in server configuration.
- Comment ssl on; by keeping "#" at the stating of the line (#ssl on;)
The original text block from file secure-pam-server.conf, starting from line 82
server {
listen 443;
#Define the host name of load balancer.
server_name localhost;
client_max_body_size 5m;
ssl on;
Modified text (changes highlighted)
server {
listen 443 ssl;
#Define the host name of load balancer.
server_name localhost;
client_max_body_size 5m;
#ssl on;
Additional Information
Please try the above with the updated version of ngnix present to see if the issue is addressed, preferably in a test environment
Feedback
Yes
No
Powered by
