Hi misc@

I am using the example for the TLS inspection from the relayd.conf(5) man
page:

           # openssl req -x509 -days 365 -newkey rsa:2048 \
                   -keyout /etc/ssl/private/ca.key -out /etc/ssl/ca.crt

I set the PEM password to "password123"

then have the following relayd.conf:
           http protocol httpfilter {
                   return error

                   pass
                   match label "Prohibited!"
                   block url "social.network.example.com/"

                   # New configuration directives for SSL/TLS Interception
                   tls ca key "/etc/ssl/private/ca.key" password
"password123"
                   tls ca cert "/etc/ssl/ca.crt"
           }

           relay tlsinspect {
                   listen on 127.0.0.1 port 8443 tls
                   protocol httpfilter
                   forward with tls to destination
           }

and i get when running: relayd -n
/etc/relayd.conf:17: cannot load certificates for relay tlsinspect

tested on 6.6 and -current from a few days prior, both amd64

am i missing a step here?

thankyou!

Reply via email to