nginx
config_error
ai_generated
true
SSL 证书已过期:证书已过期
SSL: certificate expired: certificate has expired
ID: nginx/ssl-certificate-expired
95%修复率
90%置信度
1证据数
2024-11-01首次发现
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| nginx 1.24.0 | active | — | — | — |
| nginx 1.22.1 | active | — | — | — |
| nginx 1.20.2 | active | — | — | — |
根因分析
Nginx 加载的 SSL 证书已超过有效期,导致 TLS 握手失败。
English
The SSL certificate file loaded by nginx has passed its expiration date, causing TLS handshake failures.
官方文档
https://nginx.org/en/docs/http/configuring_https_servers.html解决方案
-
Renew the certificate using Let's Encrypt or your CA: `sudo certbot renew --nginx` or manually replace the certificate files and reload nginx: `sudo nginx -s reload`.
-
Check the certificate expiration date: `openssl x509 -in /etc/nginx/ssl/cert.pem -noout -dates`. If expired, obtain a new certificate.
-
Set up automated renewal with a cron job: `0 0 * * * /usr/bin/certbot renew --quiet && systemctl reload nginx`
无效尝试
常见但无效的做法:
-
90% 失败
Session cache does not affect certificate validation; the handshake will still fail.
-
95% 失败
Protocol versions do not bypass certificate expiration; the certificate is still invalid.
-
70% 失败
Self-signed certificates will also expire and cause the same error if not renewed.