Trouble with PEM pass phrase prompt and systemd


#1

Hello,

I have set my haproxy with SSL and a passphrase is protecting my key, but when I start haproxy with systemctl. There is an error due to no passphrase sent.

haproxy-systemd-wrapper: executing /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid -Ds
haproxy-systemd-wrapper[7974]: Enter PEM pass phrase:
haproxy-systemd-wrapper[7974]: [ALERT] 176/133902 (7975) : parsing [/etc/haproxy/haproxy.cfg:39] : ‘bind *:443’ : unable to load SSL private key from P…fr.pemkey’.
haproxy-systemd-wrapper[7974]: [ALERT] 176/133902 (7975) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg

there is my configuration in haproxy.cfg:

frontend ssl_access
bind *:443 ssl crt /etc/ssl/cert.pemkey ca-file /etc/ssl/cacert.pem verify required

The systemd service file :

[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target

[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid $OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
KillMode=mixed

[Install]
WantedBy=multi-user.target

How can I get the service ask for the passphrase with systemd-ask-password or something like that ?

Regards