If you are getting this error while restarting / reloading nginx after making changes in ssl configuration, following solution may work for you.
Error :
[emerg] 26062#26062: PEM_read_bio_X509_AUX(".com.key") failed (SSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:Type=X509_CINF error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:Field=cert_info, Type=X509 error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib)
Solution :
1. Make sure you have generated correct private key file for your domain.
2. Make sure you have generated correct digital certificate file (crt) for your domain.
3. Make sure you have added private key file for attribute ssl_certificate_key and digital certificate file for attribute ssl_certificate in your nginx configuration file.
ssl_certificate_key /etc/nginx/ssl/domain.com.key;
ssl_certificate /etc/nginx/ssl/domain/960668e6d2dd456e.crt;
Error :
[emerg] 26062#26062: PEM_read_bio_X509_AUX(".com.key") failed (SSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:Type=X509_CINF error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:Field=cert_info, Type=X509 error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib)
Solution :
1. Make sure you have generated correct private key file for your domain.
2. Make sure you have generated correct digital certificate file (crt) for your domain.
3. Make sure you have added private key file for attribute ssl_certificate_key and digital certificate file for attribute ssl_certificate in your nginx configuration file.
ssl_certificate_key /etc/nginx/ssl/domain.com.key;
ssl_certificate /etc/nginx/ssl/domain/960668e6d2dd456e.crt;