I have got the private key located at: /etc/ssl/private/PRIVATEKEY.key
I ran nginx -t and the configuration is correct. So I ran from root promt:
systemctl reload nginx
but I got this error:
nginx: [emerg] cannot load certificate key "/etc/ssl/private/PRIVATEKEY.key": PEM_read_bio_PrivateKey() failed (SSL: error:1>
Jan 29 14:00:33 vmi1520937 systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Subject: Unit process exited
Defined-By: systemd
I imagine it would have to be a permissions error. The PRIVATEKEY.key is the key I generated when I created the csr file, this is in accordance with the instructions.
I ran
sudo chmod 600 PRIVATEKEY.key
sudo chown root:root PRIVATEKEY.key
but I still get the error
UPDATE: It seems that the private key I generated is password protected but I am baffled because what can I do now? I created it like this,
openssl req -newkey rsa:2048 -keyout PRIVATEKEY.key -out MYCSR.csr
and then just uploaded it to /etc/ssl/private but nginx can't read it yes, I know the password I was asked when building the files, but I don't know now how to nginx is supposed to use it.
First of all I thank all of those who posted positive comments which added good insight and finally lead to the solution. The problem was that the private key was password protected (when you generate it, it asks you for one) but the caveat is that nginx cannot call you on your mobile to ask you for the password, so you have to remove that password internally:
This is what you do:
root@vmi:/etc/nginx/ssl# cp PRIVATEKEY.key PRIVATEKEY.key.pw
root@vmi:/etc/nginx/ssl# openssl rsa -in PRIVATEKEY.key.pw -out PRIVATEKEY.key
Enter pass phrase for PRIVATEKEY.key.pw:
writing RSA key