Re: tls with relayd (on 5.7) and key without password

Sun, 03 May 2015 11:51:06 -0700 

Try to create symlink in /etc/ssl/private.
ln -s mydomain.org <http://mydomain.org/>.key 1.2.3.4.key, where “1.2.3.4”
is your address in $ext_addr.

//mxb

> On 3 maj 2015, at 13:04, Comète <com...@daknet.org> wrote:
>
> Hi,
>
> my tls key has no password and i already use it for other stuff, so i try to
enable TLS with relayd like this:
>
> http protocol "http_tls" {
>    tls tlsv1
>    tls ca key "/etc/ssl/private/mydomain.org.key" password ""
>    tls ca cert "/etc/ssl/mydomain.org.crt"
> }
>
> relay transptls {
>    listen on $ext_addr port 443 tls
>    protocol "http_tls"
>    transparent forward with tls to "127.0.0.1" port http
> }
>
> but i get this error:
>
> startup
> socket_rlimit: max open files 1024
> socket_rlimit: max open files 1024
> relay_load_certfiles: using ca certificate /etc/ssl/mydomain.org.crt
> socket_rlimit: max open files 1024
> socket_rlimit: max open files 1024
> relay_load_certfiles: using ca key /etc/ssl/private/mydomain.org.key
> /etc/relayd.conf:24: cannot load certificates for relay transptls
> no actions, nothing to do
> ca exiting, pid 29173
> pfe exiting, pid 19946
> ca exiting, pid 3806
> ca exiting, pid 24689
> hce exiting, pid 32289
> relay exiting, pid 22936
> relay exiting, pid 25790
>
> So, is it possible to use a tls key without password with relayd ?
>
> Thank you
>
> Morgan

Reply via email to