Hi all,
I just downloaded and compiled HA-Proxy version 1.5.5 (2014/10/07) using
"make TARGET=linux2628 ARCH=native USE_OPENSSL=yes".
All runs well when not using any SSL.
However adding this line to the config causes a segmentation fault (core
dump) while starting or even checking the config file:
bind *:10443 ssl crt /tmp/certandkey
gdb output:
Starting program: /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -c
warning: no loadable sections found in added symbol-file system-supplied
DSO at 0x7ffff7ffa000
[Thread debugging using libthread_db enabled]
Program received signal SIGSEGV, Segmentation fault.
0x0000000000474c90 in bind_parse_ssl (args=<value optimized out>,
cur_arg=<value optimized out>, px=<value optimized out>, conf=<value
optimized out>, err=<value optimized out>) at src/ssl_sock.c:4043
4043 list_for_each_entry(l, &conf->listeners, by_bind)
The file /tmp/certandkey is world-readable and is structured as follows
(also tried other orders but also failed):
-----BEGIN CERTIFICATE-----
<mycert>
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
<mykey>
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
<intermed-ca-1>
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
<intermed-ca-2>
-----END CERTIFICATE-----
The platform is CentOS release 6.5 (Final), 2.6.32, x86_64.
What could be the issue here?
Thanks,
Marco
