On 12/8/21 00:10, Anthony J. Bentley wrote:
Jordan Geoghegan writes:
I generated a TLS cert with acme-client and tested and confirmed it
worked with httpd.
Do curl/wget/ftp behave the same with httpd? If so that would imply
the problem is with the certificate.
I then configured relayd to perform TLS acceleration
by following examples in the man pages. Everything works great when
tested from a web browser. However, when I try to fetch a file via curl,
wget or ftp etc, I get a cert validation error: (ip and domain removed
for privacy)
Did you generate a full chain certificate with acme-client?
Hi Anthony,
Thanks for your response!
curl/wget/ftp work perfectly with httpd, that's what has me confused. As
soon as that cert gets loaded into relayd, curl/ftp/wget complain about
certificates, yet weirdly web browsers are perfectly happy.
Yes, I do have a full chain certificate generated - I have *.key, *.crt
and *.pem generated.
In the past, I've generated hundreds of certificates just like this one
to use in my httpd hosting cluster - I'm very confused as to why relayd
is puking with the certificate.
I'm happy to provide any further information that is needed, or even
provide remote access to the machine if desired. This is just a throw
away proof of concept test rig, so happy to assist in any way I can.
Regards,
Jordan
