Sunday, February 28, 2021

Relayd cannot load keypair

I'm on OpenBSD 6.8, ran syspatch today.
relayd.conf:

table <nextcloudservice> { 192.168.1.158 }
http protocol "httpproxy" {
        pass request quick header "Host" value "nextcloud.mydomain.com" \
                forward to <nextcloudservice>
        block
}
relay "proxy" {
        listen on 192.168.1.156 port 80
        protocol "httpproxy"
        forward to <nextcloudservice> port 80
}
http protocol "https" {
        tls keypair nextcloud.mydomain.com
        return error
        pass
}
relay "secure_proxy" {
        listen on 192.168.1.156 port 443 tls
        protocol https
        forward to <nextcloudservice> port 80
}

Works for regular http, but when I try adding the https blocks I get:

/etc/relayd.conf:25: cannot load keypair nextcloud.mydomain.com for relay secure_proxy

The keys are in /etc/ssl/ and /etc/ssl/private, and I got them from
acme-client via Let's Encrypt. Named:
nextcloud.mydomain.com:443.fullchain.crt
and
nextcloud.mydomain.com:443.key

Also tried generating them without the ports and with .pem, etc.

Also, I've tried replacing 192.168.1.156 in the listen on
line in secure_proxy with "nextcloud.mydomain.com".
I've tried various examples online as well. Any help would
be appreciated! At this point it feels like a bug, but apparently
others have it working.
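
Added example, not part of the original post: relayd.conf(5) documents that "tls keypair name" loads /etc/ssl/name:port.crt together with /etc/ssl/private/name:port.key, and falls back to /etc/ssl/name.crt with /etc/ssl/private/name.key. The sketch below mirrors that lookup order so a file-name mismatch is visible before relayd is started; find_keypair and its directory argument are hypothetical names chosen for this example.

```shell
#!/bin/sh
# Added example: reproduce the keypair lookup order from relayd.conf(5)
# for "tls keypair <name>" on a relay listening on <port>.
# find_keypair and the ssl_dir argument are hypothetical helper names.
#
# usage: find_keypair nextcloud.mydomain.com 443 [/etc/ssl]

find_keypair() {
    name=$1
    port=$2
    ssl_dir=${3:-/etc/ssl}

    # relayd tries "name:port" first, then the bare "name".
    for base in "$name:$port" "$name"; do
        crt="$ssl_dir/$base.crt"
        key="$ssl_dir/private/$base.key"
        if [ -f "$crt" ] && [ -f "$key" ]; then
            echo "match: $crt $key"
            return 0
        fi
    done

    echo "no usable pair for $name (port $port) under $ssl_dir" >&2
    echo "expected one of:" >&2
    echo "  $ssl_dir/$name:$port.crt + $ssl_dir/private/$name:$port.key" >&2
    echo "  $ssl_dir/$name.crt + $ssl_dir/private/$name.key" >&2

    # Show near misses: files that start with the name but carry a
    # suffix the lookup never tries (for example ".fullchain.crt").
    for f in "$ssl_dir"/"$name"* "$ssl_dir"/private/"$name"*; do
        if [ -e "$f" ]; then
            echo "present but not tried: $f" >&2
        fi
    done
    return 1
}
```

Once the function reports a match, `relayd -n` checks the configuration file without starting the daemon.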
