nginx Posts

Error “Expecting: TRUSTED CERTIFICATE” when Deploying .cer Certificate on Nginx

Got this very weird error when adding .key and .cer on my nginx SSL, “140387178489504:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE”. It’s very weird because it works well previously.

At first i tought it was because i need to convert .cer to .crt, but even i cannot convert my .cer file using openssl. So i come to a conclusion that somehow there was an issue on my .cer file. First my .cer file looks fine when im opening it using vi

-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIMUx0WMLOuFkHzf07EMA0GCSqGSIb3DQEBCwUAMGYxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNH
bG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0g
RzIwHhcNMTcwMzIxMDM0NzAzWhcNMTkwMTI5MDIwMzI1WjCBozELMAkGA1UEBhMC

But when im open it using vi -b (vi -b /home/certificate/my.cer), it shows some weird symbols.

<ff><fe>-^@-^@-^@-^@-^@B^@E^@G^@I^@N^@ ^@C^@E^@R^@T^@I^@F^@I^@C^@A^@T^@E^@-^@-^@-^@-^@-^@^M^@
^@M^@I^@I^@F^@/^@j^@C^@C^@B^@O^@a^@g^@A^@w^@I^@B^@A^@g^@I^@M^@U^@x^@0^@W^@M^@L^@O^@u^@F^@k^@H^@z^@f^@0^@7^@E^@M^@A^@0^@G^@C^@S^@q^@G^@S^@I^@b^@3^@D^@Q^@E^@B^@C^@w^@U^@A^@M^@G^@Y^@x^@C^@z^@A^@J^@^M^@
^@B^@g^@N^@V^@B^@A^@Y^@T^@A^@k^@J^@F^@M^@R^@k^@w^@F^@w^@Y^@D^@V^@Q^@Q^@K^@E^@x^@B^@H^@b^@G^@9^@i^@Y^@W^@x^@T^@a^@W^@d^@u^@I^@G^@5^@2^@L^@X^@N^@h^@M^@T^@w^@w^@O^@g^@Y^@D^@V^@Q^@Q^@D^@E^@z^@N^@H^@^M^@
^@b^@G^@9^@i^@Y^@W^@x^@T^@a^@W^@d^@u^@I^@E^@9^@y^@Z^@2^@F^@u^@a^@X^@p^@h^@d^@G^@l^@v^@b^@i^@B^@W^@Y^@W^@x^@p^@Z^@G^@F^@0^@a^@W^@9^@u^@I^@E^@N^@B^@I^@C^@0^@g^@U^@0^@h^@B^@M^@j^@U^@2^@I^@C^@0^@g^@^M^@
^@R^@z^@I^@w^@H^@h^@c^@N^@M^@T^@c^@w^@M^@z^@I^@x^@M^@D^@M^@0^@N^@z^@A^@z^@W^@h^@c^@N^@M^@T^@k^@w^@M^@T^@I^@5^@M^@D^@I^@w^@M^@z^@I^@1^@W^@j^@C^@B^@o^@z^@E^@L^@M^@A^@k^@G^@A^@1^@U^@E^@B^@h^@M^@C^@^M^@
^@V^@k^@4^@x^@D^@j^@A^@M^@B^@g^@N^@V^@B^@A^@g^@M^@B^@U^@h^@h^@b^@m^@9^@p^@M^@Q^@4^@w^@D^@A^@Y^@D^@V^@Q^@Q^@H^@D^@A^@V^@I^@Y^@W^@5^@v^@a^@T^@E^@W^@M^@B^@Q^@G^@A^@1^@U^@E^@C^@w^@w^@N^@S^@V^@Q^@g^@^M^@
^@R^@G^@V^@w^@Y^@X^@J^@0^@b^@W^@V^@u^@d^@D^@E^@8^@M^@D^@o^@G^@A^@1^@U^@E^@C^@g^@w^@z^@V^@k^@l^@F^@V^@E^@5^@B^@T^@U^@9^@C^@S^@U^@x^@F^@I^@F^@R^@F^@T^@E^@V^@D^@T^@0^@1^@N^@V^@U^@5^@J^@Q^@0^@F^@U^@^M^@
^@S^@U^@9^@O^@U^@y^@B^@K^@T^@0^

Somehow it happens because im transferring my .cer file between my windows desktop to my linux server environment. Using dos2unix command from my windows environment solve this issue,

C:\Users\edw>dos2unix C:\my.cer
dos2unix: converting UTF-16LE file C:\Users\edw\Downloads\selfcare.cer to ANSI_X
3.4-1968 Unix format...

ps.
i have dos2unix on my windows environment from cygwin installment.

Google+

[nginx] Replacing HTTP 302 Location URL from HTTP to HTTPS

Had this weird problem today, i can login to my web if i access it directly, but unable to do it if my website is on an iframe of another web. I found out that it happen because im using SSL on both of my website (on the iframe) and the iframe parent’s website.

It actually happen because when im successfully login on my iframed-website, it will gives http 302 (Moved Temporarily) to my dashboard page. But somehow the 302 location is not an HTTPS page, it will gives a regular HTTP pages instead. Which is not a problem when im accessing my web directly, but will gives problem when accessed using an iframe website.

The solution is quite simple, using nginx “proxy_redirect” will change my 302 page from HTTP into HTTPS.

proxy_redirect http:// https://;

Hope it helps :)

Google+