0

I knew about gdb. I already dump memory of running nginx process. I see all txt *.conf configs in that dump.

But! howto find, convert, etc... some of memory range from that dump to valid initial and erased ssl cert?

(Now I can not nither reload or restart my nginx - nginx -t WARN me, there is no ssl cert's)

jack j
  • 1
  • 2
    Might be easier to get a new certificate issued, or restore from backup. – Tim Aug 18 '21 at 23:48
  • 1
    Yes, just restore from your backup. – Michael Hampton Aug 19 '21 at 01:54
  • PKIX (SSL/TLS) certs are encoded in ASN.1 DER, and contain some components easily searched for like your issuing CA's name. But even easier most CAs let you download your cert(s) again anytime you want, plus most CAs today (must) log issued certs to public transparency logs, which you can easily search to find yours plus any chain cert(s) -- I like https://crt.sh . But the cert is useless without the _privatekey_ which you didn't mention, but is almost always in the same config dir and usually the same file as the cert, and trying to find that in memory will be a lot harder. – dave_thompson_085 Aug 19 '21 at 06:33
  • Yes. Imean mostly privatekey rather then cert itself. – jack j Aug 19 '21 at 09:08
  • Does the cert file stay open while nginx is in use? if so maybe https://serverfault.com/a/238431/187998 could be used. – NiKiZe Aug 22 '21 at 21:04
  • No. nginx only load configs and other cert's and p.keys when it start or reload. I check by lsof. – jack j Aug 27 '21 at 08:16
  • And this. My problem already is solved. But, for the future for someone - if anybody leave solution about that case - it will be great! Thanks to all for advises! – jack j Aug 27 '21 at 08:19

0 Answers0