Try to create symlink in /etc/ssl/private. ln -s mydomain.org <http://mydomain.org/>.key 1.2.3.4.key, where â1.2.3.4â is your address in $ext_addr.
//mxb > On 3 maj 2015, at 13:04, Comète <com...@daknet.org> wrote: > > Hi, > > my tls key has no password and i already use it for other stuff, so i try to enable TLS with relayd like this: > > http protocol "http_tls" { > tls tlsv1 > tls ca key "/etc/ssl/private/mydomain.org.key" password "" > tls ca cert "/etc/ssl/mydomain.org.crt" > } > > relay transptls { > listen on $ext_addr port 443 tls > protocol "http_tls" > transparent forward with tls to "127.0.0.1" port http > } > > but i get this error: > > startup > socket_rlimit: max open files 1024 > socket_rlimit: max open files 1024 > relay_load_certfiles: using ca certificate /etc/ssl/mydomain.org.crt > socket_rlimit: max open files 1024 > socket_rlimit: max open files 1024 > relay_load_certfiles: using ca key /etc/ssl/private/mydomain.org.key > /etc/relayd.conf:24: cannot load certificates for relay transptls > no actions, nothing to do > ca exiting, pid 29173 > pfe exiting, pid 19946 > ca exiting, pid 3806 > ca exiting, pid 24689 > hce exiting, pid 32289 > relay exiting, pid 22936 > relay exiting, pid 25790 > > So, is it possible to use a tls key without password with relayd ? > > Thank you > > Morgan