HAProxy adds wrong SSL filename prefix to the configuration file for ssl crt-list ca-file
-
I recently start have trouble saving my HAProxy configuration due to a error. It keeps adding clientca_ in front of the SSL offload certificate name. On file level this file does not exist! I tested with both HA Proxy plugins, the regular and dev version. I tried to regenerate the SSL (Lets Encrypt) but this keeps happening.
[ALERT] (45623) : config : Couldn't open the ca-file '/var/etc/haproxy_test/clientca_shared-frontend.pem' (No such file or directory).
[ALERT] (45623) : config : parsing [/var/etc/haproxy_test/haproxy.cfg:28] : 'bind 0.0.0.0:443' in section 'frontend' : 'ca-file' : unable to load /var/etc/haproxy_test/clientca_shared-frontend.pemDoes anybody have the same behaviour? to be clear I have the 25.07-RC running.
The relevant part of /var/etc/haproxy_test/haproxy.cfg
frontend shared-frontend
bind 0.0.0.0:443 name 0.0.0.0:443 ssl crt-list /var/etc/haproxy_test/shared-frontend.crt_list ca-file /var/etc/haproxy_test/**clientca_**shared-frontend.pem verify required crl-file /var/etc/haproxy_test/**clientcrl_**shared-frontend.pem -
Retested on 24.11-RELEASE (amd64) all seems to work. So it seems right to file a bug for this issue.
-
This post is deleted!