Related

Tool NGINX Config Generator Tool
Why are snapshots so slow Question Question
Running a web-based video game on a droplet Question Question

Question

nginx: [warn] duplicate value when editing file in nginx/sites-available

Posted May 31, 2020 503 views
NginxUbuntuWordPressUbuntu 20.04

I’ve just migrated my Wordpress / Woocommerce site to a new Ubuntu 20.04 droplet. (www.themusicvault.co.uk)

I’m trying to edit my nginx/sites-available config file to strengthen my SSL following this tutorial.

https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html#HTTP_Public_Key_Pinning_Extension

However im getting the following error when trying to add anything to my config file in sites-available.

nginx: [warn] duplicate value “TLSv1.2” in /etc/nginx/sites-enabled/themusicvault.co.uk:37

Any ideas what might be causing the issue?

Add a comment
jak3tayl0r
By:
jak3tayl0r
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
bobbyiliev June 2, 2020

Hi there @jak3tayl0r,

What I could suggest here is using the grep command to look for any other references of TLSv1.2 in your Nginx directory.

To do that, you can run the following command:

  • sudo grep -ri 'TLSv1.2' /etc/nginx/

Also if you wish you could share the contents of your /etc/nginx/sites-enabled/themusicvault.co.uk file so that I could try to advise you further.

Regards,
Bobby

Reply Report
  • jak3tayl0r June 2, 2020

    sudo grep -ri 'TLSv1.2' /etc/nginx/ shows the following result

    /etc/nginx/nginx.conf:  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE

    Here is the contents of /etc/nginx/sites-enabled/themusicvault.co.uk

    server {
    server_name themusicvault.co.uk www.themusicvault.co.uk;
    root /var/www/html;

    if ($scheme = http) {
               return 301 https://www.themusicvault.co.uk$request_uri;
        }

    index index.php  index.html index.htm;

    location / {
       # try_files $uri $uri/ =404;
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }

    location ~ /\.ht {
        deny all;
    }

    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt { log_not_found off; access_log off; allow all; }
    location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
        expires max;
        log_not_found off;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/themusicvault.co.uk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/themusicvault.co.uk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.themusicvault.co.uk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = themusicvault.co.uk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name themusicvault.co.uk www.themusicvault.co.uk;
    return 404; # managed by Certbot




}
    edited by MattIPv4
    Reply Report
    • bobbyiliev June 2, 2020

      Hi there @jak3tayl0r,

      It looks like that you have specified TLSv1.2 already in your Nginx configuration file. However, on line 37 in your server block, some SSL options are being included as well, which I believe is causing the warning for you.

      /etc/letsencrypt/options-ssl-nginx.conf

      I would recommend checking the contents of that file as well and making sure that you do not have duplicated values.

      Let me know how it goes.

      Regards,
      Bobby

      Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help