Download raw body.
Relayd doesn't like ecdsa
Hi All,
When using edcsa within acme-client.conf, relayd is unable to use the
key/cert, it seems to be looking for an RSA key/cert specifically. Is
there a way to go around this?
Relevant part from acme-client.conf
#
domain www4 {
domain key "/etc/ssl/private/www4.key" ecdsa
domain full chain certificate "/etc/ssl/www4.fullchain.pem"
sign with letsencrypt
}
root@www4:~ # relayd -d -vvv
startup
relay_load_certfiles: using certificate /etc/ssl/46.23.xx.xx.crt
relay_load_certfiles: using private key /etc/ssl/private/46.23.xx.xx.key
parent_tls_ticket_rekey: rekeying tickets
relay_privinit: adding relay default_tls
protocol 1: name httpsfilter
flags: used, relay flags: tls
tcp flags: nodelay, sack
tls flags: tlsv1.2, tlsv1.3, cipher-server-preference
tls session tickets: disabled
type: http
block request quick header "Transfer-Encoding" value
"chunked"
match request header remove "Proxy" value "*"
match request header set "X-ClientIP" value
"$REMOTE_ADDR"
match request header append "X-Forwarded-For" value
"$REMOTE_ADDR"
match request header append "X-Forwarded-By" value
"$SERVER_ADDR:$SERVER_PORT"
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
pfe: filter init done
socket_rlimit: max open files 1024
relay_tls_ctx_create: loading certificate
ssl_load_pkey: failed to extract RSA
relay: relay_launch: failed to create TLS context
hce exiting, pid 22090
pfe exiting, pid 56946
ca exiting, pid 76726
ca exiting, pid 96555
ca exiting, pid 19965
lost child: pid 22403 exited abnormally
relay_tls_ctx_create: loading certificate
ssl_load_pkey: failed to extract RSA
relay: relay_launch: failed to create TLS context
lost child: pid 62035 exited abnormally
relay exiting, pid 15225
parent terminating, pid 83563
Mischa
Relayd doesn't like ecdsa