Re-adding the list.
And:
> Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ??
Yes. Though I am not sure what file.crt and file.pem are :)
Cheers,
Daniel
--
Daniel Schneller
Principal Cloud Engineer
CenterDevice GmbH | Hochstraße 11
| 42697 Solingen
tel: +49 1754155711 | Deutschland
[email protected] | www.centerdevice.de
Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina,
Michael Rosbach, Handelsregister-Nr.: HRB 18655,
HR-Gericht: Bonn, USt-IdNr.: DE-815299431
> On 12. Jan. 2017, at 13:27, Thierry <[email protected]> wrote:
>
> Hi,
>
> You are right, I am using the v1.7.1-1 on Debian.
> I do have paid ssl certificate (.key, .crt, .pem). They all are in non
> world-readable folder.
> Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ??
>
> Thx
>
>> Thierry,
>
>
>> always helps to know the haproxy version you use.
>> As for your error message, do you have private key, your site’s
>> certificate and all necessary chain certificates in the crt files you
>> reference in your config?
>
>
>> IIRC they need to be in the order
>
>
>> 1. key
>> 2. site cert (“leaf”)
>> 3. intermediates
>
>
>> Make sure to have these files not world-readable as they contain secret
>> crypto material.
>
>
>> HTH,
>> Daniel
>
>
>
>
>
>
