Hi Marco, On Tue, Oct 14, 2014 at 04:51:05PM +0200, Marco wrote: > Hi all, > I just downloaded and compiled HA-Proxy version 1.5.5 (2014/10/07) using > "make TARGET=linux2628 ARCH=native USE_OPENSSL=yes". > All runs well when not using any SSL. > However adding this line to the config causes a segmentation fault (core > dump) while starting or even checking the config file: > bind *:10443 ssl crt /tmp/certandkey > gdb output: > Starting program: /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c > warning: no loadable sections found in added symbol-file system-supplied > DSO at 0x7ffff7ffa000 > [Thread debugging using libthread_db enabled] > Program received signal SIGSEGV, Segmentation fault. > 0x0000000000474c90 in bind_parse_ssl (args=<value optimized out>, > cur_arg=<value optimized out>, px=<value optimized out>, conf=<value > optimized out>, err=<value optimized out>) at src/ssl_sock.c:4043 > 4043 list_for_each_entry(l, &conf->listeners, by_bind) > The file /tmp/certandkey is world-readable and is structured as follows > (also tried other orders but also failed): > -----BEGIN CERTIFICATE----- > <mycert> > -----END CERTIFICATE----- > -----BEGIN RSA PRIVATE KEY----- > <mykey> > -----END RSA PRIVATE KEY----- > -----BEGIN CERTIFICATE----- > <intermed-ca-1> > -----END CERTIFICATE----- > -----BEGIN CERTIFICATE----- > <intermed-ca-2> > -----END CERTIFICATE----- > The platform is CentOS release 6.5 (Final), 2.6.32, x86_64. > What could be the issue here?
Probably another issue in the config parser :-( We had an issue recently where a backend was marked disabled prior to a section. I don't think it could be related, but please double-check that you don't have this "disabled" keyword before the failing section or inside it. If so, pick the latest snapshot and please confirm it fixes it. Otherwise, I'll ask you to post your config after removing any sensible information. Thanks, Willy
