Hi, I'm trying to get haproxy 1.5 dev18 to load my production certificate (it is working fine with a self-signed one). And I'm getting this error:
[ALERT] 112/151354 (11224) : parsing [/etc/haproxy/haproxy.cfg:69] : 'bind <<ip>>:443' : unable to load SSL private key from PEM file '/etc/pki/tls/certs/<<prodcrt>>.pem'. [ALERT] 112/151354 (11224) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg [ALERT] 112/151354 (11224) : Proxy 'https-in': no SSL certificate specified for bind '<<ip>>:443' at [/etc/haproxy/haproxy.cfg:69] (use 'crt'). [ALERT] 112/151354 (11224) : Fatal errors found in configuration. Errors in configuration file, check with haproxy check. This cert is a EV multidomain one from Digicert and uses a intermediate cert. I'm made the pem file by concatenting all the keys and certs like this : -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- -----BEGIN INTERMEDIATE CERTIFICATE----- -----END INTERMEDIATE CERTIFICATE----- -----BEGIN ROOT CERTIFICATE----- -----END ROOT CERTIFICATE----- I'm using the identical PEM file successfully with vsftpd and I've also tested it with Apache mod_ssl where is also worked fine. So why is haproxy giving me this error? How can I debug this issue? Thanks, Tim -- Tim Verhoeven - [email protected] - 0479 / 88 11 83 Hoping the problem magically goes away by ignoring it is the "microsoft approach to programming" and should never be allowed. (Linus Torvalds)
