Hi,

I'm trying to get haproxy 1.5 dev18 to load my production certificate
(it is working fine with a self-signed one). And I'm getting this
error:

[ALERT] 112/151354 (11224) : parsing [/etc/haproxy/haproxy.cfg:69] :
'bind <<ip>>:443' : unable to load SSL private key from PEM file
'/etc/pki/tls/certs/<<prodcrt>>.pem'.
[ALERT] 112/151354 (11224) : Error(s) found in configuration file :
/etc/haproxy/haproxy.cfg
[ALERT] 112/151354 (11224) : Proxy 'https-in': no SSL certificate
specified for bind '<<ip>>:443' at [/etc/haproxy/haproxy.cfg:69] (use
'crt').
[ALERT] 112/151354 (11224) : Fatal errors found in configuration.
Errors in configuration file, check with haproxy check.

This cert is a EV multidomain one from Digicert and uses a
intermediate cert. I'm made the pem file by concatenting all the keys
and certs like this :

-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN INTERMEDIATE CERTIFICATE-----
-----END INTERMEDIATE CERTIFICATE-----
-----BEGIN ROOT CERTIFICATE-----
-----END ROOT CERTIFICATE-----

I'm using the identical PEM file successfully with vsftpd and I've
also tested it with Apache mod_ssl where is also worked fine.

So why is haproxy giving me this error?

How can I debug this issue?

Thanks,
Tim


--
Tim Verhoeven - tim.verhoeven...@gmail.com - 0479 / 88 11 83

Hoping the problem  magically goes away  by ignoring it is the
"microsoft approach to programming" and should never be allowed.
(Linus Torvalds)

Reply via email to