From: Mischa Subject: Relayd doesn't like ecdsa To: Tech Date: Thu, 23 Apr 2026 14:07:45 +0200 Hi All, When using edcsa within acme-client.conf, relayd is unable to use the key/cert, it seems to be looking for an RSA key/cert specifically. Is there a way to go around this? Relevant part from acme-client.conf # domain www4 { domain key "/etc/ssl/private/www4.key" ecdsa domain full chain certificate "/etc/ssl/www4.fullchain.pem" sign with letsencrypt } root@www4:~ # relayd -d -vvv startup relay_load_certfiles: using certificate /etc/ssl/46.23.xx.xx.crt relay_load_certfiles: using private key /etc/ssl/private/46.23.xx.xx.key parent_tls_ticket_rekey: rekeying tickets relay_privinit: adding relay default_tls protocol 1: name httpsfilter flags: used, relay flags: tls tcp flags: nodelay, sack tls flags: tlsv1.2, tlsv1.3, cipher-server-preference tls session tickets: disabled type: http block request quick header "Transfer-Encoding" value "chunked" match request header remove "Proxy" value "*" match request header set "X-ClientIP" value "$REMOTE_ADDR" match request header append "X-Forwarded-For" value "$REMOTE_ADDR" match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" socket_rlimit: max open files 1024 socket_rlimit: max open files 1024 socket_rlimit: max open files 1024 pfe: filter init done socket_rlimit: max open files 1024 relay_tls_ctx_create: loading certificate ssl_load_pkey: failed to extract RSA relay: relay_launch: failed to create TLS context hce exiting, pid 22090 pfe exiting, pid 56946 ca exiting, pid 76726 ca exiting, pid 96555 ca exiting, pid 19965 lost child: pid 22403 exited abnormally relay_tls_ctx_create: loading certificate ssl_load_pkey: failed to extract RSA relay: relay_launch: failed to create TLS context lost child: pid 62035 exited abnormally relay exiting, pid 15225 parent terminating, pid 83563 Mischa