Debugging Nginx: why my SSL certificates don't apply after reload?
a year ago
- #Debugging
- #System Administration
- #Nginx
- An automation for creating new nginx hosts stopped working, redirecting to another host instead of the intended site.
- Certificate renewals faced similar issues, with sites only working correctly after a full nginx restart.
- Debugging revealed Nginx was hitting its maximum file descriptor limit, preventing proper reloading.
- Solution involves increasing worker_rlimit_nofile in nginx.conf and setting a systemd override for the service limit.
- Difference between 'reload' and 'restart' in Nginx explained: reload gracefully updates configuration, restart closes all connections first.
- Diagnosis steps include checking process limits and current file descriptor usage.
- Fixing requires updating Nginx configuration and creating a systemd override, followed by applying changes and verifying the fix.