Hi Alan, Your more than welcome. Some of the messages from Pound can be a little confusing until you've been playing with it for a while.
Any further issues just drop us a line and I'm sure someone will be able to help. ~Scott On 27 September 2012 11:14, Alan McGinlay <[email protected]> wrote: > Fixed! thanks for the link, it put me on the right track. > > All that was required was to concatenate the key, the crt and output a > .pem file which i put in the ssl store and referenced it from pound.cfg. > > I also ran "update-ca-certificates --verbose --fresh" > > And restarted pound, success! This is just a test, the live site will use > a "real" ssl cert. > > Thanks, > > Alan > > 2012-09-27 11:57, Scott McKeown skrev: > >> Hi Alan, >> I'm sure that you will need to include the Private Key Chain in your PEM >> file to resolve this error. >> >> Have a look at >> http://www.digicert.com/ssl-**support/pem-ssl-creation.htm<http://www.digicert.com/ssl-support/pem-ssl-creation.htm> >> which shows the different ways of creating the PEM file. >> >> Although now that I think about it, I don't remember if I had to include >> this in mine the last time I created a Self Signed certificate so I >> could be wrong on the self signed front. However, I would recommend the >> full PEM file when you go live. >> >> >> ~Scott >> >> >> On 27 September 2012 10:16, Alan McGinlay <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hi All, >> >> I have been getting this error now no matter what I do when trying >> to setup and HTTPS listener with a self signed cert. >> >> "/etc/pound/pound.cfg line 56: SSL_CTX_use_PrivateKey_file failed - >> aborted" >> >> I have generated the ssl cert in myriad different ways, always with >> the same result. I have tried with pound 2.5 and 2.6 (from ubuntu >> precise and quantal respectively) but there is no change! The >> certificates test ok with the openssl command line so I am at a >> complete loss! >> >> Most of the info I have found on the net is from a few years back, >> could this be a new bug? >> >> pound.cfg listeners: >> >> ListenHTTP >> Address 199.10.64.8 >> Port 80 >> #Cert "/etc/ssl/certs/server.crt" >> Service >> HeadRequire "Host:.*redneck001-ext.__**example.se.*" >> >> BackEnd >> Address localhost >> Port 81 >> End >> End >> >> END >> >> ListenHTTPS >> Address 193.10.64.8 >> Port 443 >> Cert "/etc/ssl/certs/redneck001-__**ext.example.se.cert" >> Service >> HeadRequire "Host:.*redneck001-ext.__**example.se.*" >> >> BackEnd >> Address localhost >> Port 81 >> End >> End >> End >> >> Please help! >> >> /Alan >> >> -- >> To unsubscribe send an email with subject unsubscribe to >> [email protected] <mailto:[email protected]>. >> Please contact [email protected] <mailto:[email protected]> for questions. >> >> >> >> >> >> -- >> With Kind Regards. >> >> Scott McKeown >> Loadbalancer.org >> http://www.loadbalancer.org >> >> > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > -- With Kind Regards. Scott McKeown Loadbalancer.org http://www.loadbalancer.org
