Monday, April 27, 2020

relayd tls inspection not working: cannot load certificates

Hi misc@

I am using the example for the TLS inspection from the relayd.conf(5) man
page:

# openssl req -x509 -days 365 -newkey rsa:2048 \
    -keyout /etc/ssl/private/ca.key -out /etc/ssl/ca.crt

I set the PEM password to "password123".

Then I have the following relayd.conf:
http protocol httpfilter {
    return error

    pass
    match label "Prohibited!"
    block url "social.network.example.com/"

    # New configuration directives for SSL/TLS Interception
    tls ca key "/etc/ssl/private/ca.key" password "password123"
    tls ca cert "/etc/ssl/ca.crt"
}

relay tlsinspect {
    listen on 127.0.0.1 port 8443 tls
    protocol httpfilter
    forward with tls to destination
}

and I get the following when running relayd -n:
/etc/relayd.conf:17: cannot load certificates for relay tlsinspect

Tested on 6.6 and -current from a few days prior, both amd64.

Am I missing a step here?

Thank you!
