Anyone know if relayd supports ECDSA certificates?
I'm trying to setup a TLS accelerator using an ECDSA cert and it's
crapping with a 'Broken pipe' error right after loading the certificate
and private key.
OpenBSD hostname.tld 5.7 GENERIC#1 amd64
=== relayd.conf ===
table <test_relay> { 127.0.0.1 }
http protocol "https" {
tls { ciphers "HIGH" }
}
relay "test_relay" { listen on egress port 443 tls
protocol "https"
forward to <test_relay> port 80
}
====================
# relayd -dvv
startup
relay_load_certfiles: using certificate /etc/ssl/xxx.xxx.xxx.56.crt
relay_load_certfiles: using private key /etc/ssl/private/xxx.xxx.xxx.56.key
relay_privinit: adding relay test_relay
protocol 1: name https
flags: used, relay flags: tls
tls flags: tlsv1.0, tlsv1.1, tlsv1.2, client-renegotiation
type: http
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
ca_engine_init: using RSAX engine support
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
ca_engine_init: using RSAX engine support
ca_engine_init: using RSAX engine support
ca_engine_init: using RSAX engine support
relay_tls_ctx_create: loading certificate
relay_tls_ctx_create: loading private key
ca exiting, pid 9031
ca exiting, pid 21800
ca exiting, pid 20812
fatal: parent: Broken pipe
pfe exiting, pid 16133
hce exiting, pid 9636
