Pound mailing list,
I am confused by an error message that I am getting when I attempt to
start pound. Let's say my domain is pound_example.info. Here is my
error message:
command prompt> pound -f /etc/pound.conf
starting...
/etc/pound.conf line 49: SSL_CTX_use_certificate_chain_file failed - aborted
I am running WHM/cPanels with a properly installed and configured Apache
and SSL certs. My httpd.conf is pointing my virtual host to three files:
SSLCertificateFile /etc/ssl/certs/pound_example.info.crt
SSLCertificateKeyFile /etc/ssl/private/pound_example.info.key
SSLCACertificateFile /etc/ssl/certs/pound_example.info.cabundle
Here is my pound.conf file:
#----------------------------------------
ListenHTTP
Address 1.2.3.4
Port 80
Service
HeadRequire "(Host: pound_example.info|Host:
www.pound_example.info)"
Redirect "https://pound_example.info";
End
End
ListenHTTPS
HeadRemove "X-Forwarded-Proto"
AddHeader "X-Forwarded-Proto: https"
Address 1.2.3.4
Port 443
Cert "/etc/ssl/certs/pound_example.info.crt"
Service
BackEnd
Address 1.2.3.4
Port 44343
End
End
End
#----------------------------------------
Finally, Apache is running on ports 8080 and 44343 for http and https,
respectively.
>From what I can gather on Google is that there might be an issue with
how I am doing things. The main question I have is how do I specify the
use of these three files (.crt, .cabundle, .key) in Pound? Some sites
have suggested that crt and cabundle need to be in one file (that didn't
work for me) and others have suggested that the key file needs to be
in. (Should the key file really be in? I thought this was supposed to
be private.) Also, some sites have suggested that a new private key be
generated. *So my question is that given three SSL files that work in
my current WHM/cPanels/Apache configuration how do I translate my three
files into a proper pound.conf file?*
Thank you in advance for your help with this!
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
