inside mail section: nginx: [emerg] "acme_certificate" directive is not allowed here in... #80

@lab-at-nohl

Description

Bug Overview

ACME does not work with mail proxy. See

load_module /usr/lib64/nginx/modules/ngx_http_acme_module.so;

events {
    worker_connections  1024;
    use epoll;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

### !include acme settings:
resolver 127.0.0.53 127.0.0.54;

acme_issuer letsencrypt {
    uri         https://acme-v02.api.letsencrypt.org/directory;
    state_path  /var/lib/nginx/acme-store;

    accept_terms_of_service;
}

acme_shared_zone zone=ngx_acme_shared:512k;

server {
    # listener on port 80 is required to process ACME HTTP-01 challenges
    listen 80;

    location / {
        #Serve a basic 404 response while listening for challenges
        return 404;
    }
}
###

    server {
        listen       443 ssl;
        server_name  www.bigbox.xy;

        acme_certificate      letsencrypt;
        ssl_certificate       $acme_certificate;
        ssl_certificate_key   $acme_certificate_key;
        ssl_certificate_cache max=2;

        location / {
            root   /srv/www/htdocs/;
            index  index.html index.htm;
        }
    }
}

### !include mail server:
mail {
    server_name mail.bigbox.xy;

    acme_certificate      letsencrypt;
    ssl_certificate           $acme_certificate;
    ssl_certificate_key   $acme_certificate_key;
    ssl_certificate_cache max=2;

     server {
        listen   993 ssl;
        protocol imap;
        #acme_certificate      letsencrypt;
        #ssl_certificate       $acme_certificate;
        #ssl_certificate_key   $acme_certificate_key;
        #ssl_certificate_cache max=2;
    }

}
###

This results in nginx[522049]: nginx: [emerg] "acme_certificate" directive is not allowed here in /etc/nginx/... although it worked fine for the http certificate.

Inside mail/server I commented out what I tried as an alternative. It also failed.

Expected Behavior

I expected to reuse the certificates for https with imaps.

Steps to Reproduce the Bug

Try the config above; I included all necessary files.

Environment Details

  • Dedicated server
  • Target OS: openSUSE Leap 16.0
  • nginx 1.29.3

Additional Context

No response
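
A pre-deployment check for the misplacement reported above, as an added example that is not part of the original issue or of the nginx-acme project: it walks an nginx configuration and reports every `acme_*` directive or `$acme_*` variable that sits outside `http {}`. It assumes, based on the error quoted in the report, that these are accepted only in the http context; `find_misplaced_acme`, `uses_acme` and `SAMPLE` are hypothetical names.

```python
import re

# Constructed sample, condensed from the configuration posted in the report.
SAMPLE = """\
http {
    acme_issuer letsencrypt { uri https://acme-v02.api.letsencrypt.org/directory; }
    server {
        listen 443 ssl;
        acme_certificate letsencrypt;
        ssl_certificate $acme_certificate;
    }
}
mail {
    acme_certificate letsencrypt;
    server {
        listen 993 ssl;
        #acme_certificate letsencrypt;
        ssl_certificate_key $acme_certificate_key;
    }
}
"""

# Comments, quoted strings, structural characters, newlines, bare words.
TOKEN = re.compile(r"""#[^\n]*|"(?:\\.|[^"\\])*"|'(?:\\.|[^'\\])*'|[{};]|\n|(?:\$\{\w+\}|[^\s{};])+""")

def uses_acme(words):
    return words[0].startswith("acme_") or any("$acme_" in w or "${acme_" in w for w in words)

def find_misplaced_acme(conf):
    """Flag acme_* directives / $acme_* variables outside http{} (assumed the only valid context)."""
    findings, stack, words, line, start = [], [], [], 1, 1
    for tok in TOKEN.findall(conf):
        if tok in ("{", ";", "}"):
            if words and uses_acme(words) and stack[:1] != ["http"]:
                findings.append((start, "/".join(stack) or "main", " ".join(words)))
            if tok == "{" and words:
                stack.append(words[0])      # entering a block named by its first word
            elif tok == "}" and stack:
                stack.pop()                 # leaving the innermost block
            words = []
        elif tok != "\n" and not tok.startswith("#"):
            if not words:
                start = line                # remember where this directive begins
            words.append(tok)
        line += tok.count("\n")
    return findings

if __name__ == "__main__":
    for lineno, ctx, text in find_misplaced_acme(SAMPLE):
        print(f"line {lineno}: '{text}' in {ctx}{{}} context")
```

The commented-out directive in the sample is skipped, so only live configuration is reported.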
