On 12/8/21 00:10, Anthony J. Bentley wrote:
> Jordan Geoghegan writes:
>> I generated a TLS cert with acme-client and tested and confirmed it
>> worked with httpd.
> Do curl/wget/ftp behave the same with httpd? If so that would imply
> the problem is with the certificate.
>
>> I then configured relayd to perform TLS acceleration
>> by following examples in the man pages. Everything works great when
>> tested from a web browser. However, when I try to fetch a file via curl,
>> wget or ftp etc, I get a cert validation error: (ip and domain removed
>> for privacy)
> Did you generate a full chain certificate with acme-client?
Hi Anthony,
Thanks for your response!
curl/wget/ftp work perfectly with httpd, that's what has me confused. As
soon as that cert gets loaded into relayd, curl/ftp/wget complain about
certificates, yet weirdly web browsers are perfectly happy.
Yes, I do have a full chain certificate generated - I have *.key, *.crt
and *.pem generated.
In the past, I've generated hundreds of certificates just like this one
to use in my httpd hosting cluster - I'm very confused as to why relayd
is puking with the certificate.
I'm happy to provide any further information that is needed, or even
provide remote access to the machine if desired. This is just a throw
away proof of concept test rig, so happy to assist in any way I can.
Regards,
Jordan
No comments:
Post a Comment