Unable to open a port using haproxy

Gayathri Manoj <gayathri.annur@gmail.com> Tue, Mar 5, 3:50 PM (1 day ago)

to haproxy

Hi All,

I am getting the below error while loading haproxy service.

‘bind :::6971’ : unable to load SSL private key into SSL Context ‘/usr/xxx/yyy/HAProxy.pem.rsa’.

Command used for starting the haproxy service :

haproxy -D -f /usr/local/conf/haproxy.conf

Conf file contains many port and if i comment this particular port then the service is starting.

Tested the below things:

  1. Certificate and its key match

  2. Executed the test in SELinux permissive mode

  3. Order changed for HAProxy_truststore.pem.

Bind command :

bind :::6971 ssl crt /usr/xxx/yyy/HAProxy.pem ca-file /usr/xxx/yyy/HAProxy_truststore.pem verify optional force-tlsv12 ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256 npn http/1.1 curves P-256:P-384:P-521 prefer-client-cip

Thanks,
Gayathri