Re-adding the list. And:
> Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ?? Yes. Though I am not sure what file.crt and file.pem are :) Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711 | Deutschland daniel.schnel...@centerdevice.de | www.centerdevice.de Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina, Michael Rosbach, Handelsregister-Nr.: HRB 18655, HR-Gericht: Bonn, USt-IdNr.: DE-815299431 > On 12. Jan. 2017, at 13:27, Thierry <lenai...@maelenn.org> wrote: > > Hi, > > You are right, I am using the v1.7.1-1 on Debian. > I do have paid ssl certificate (.key, .crt, .pem). They all are in non > world-readable folder. > Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ?? > > Thx > >> Thierry, > > >> always helps to know the haproxy version you use. >> As for your error message, do you have private key, your site’s >> certificate and all necessary chain certificates in the crt files you >> reference in your config? > > >> IIRC they need to be in the order > > >> 1. key >> 2. site cert (“leaf”) >> 3. intermediates > > >> Make sure to have these files not world-readable as they contain secret >> crypto material. > > >> HTH, >> Daniel > > > > > >