On 16-07-31 12:58:35, James Pole wrote:
> Hello again,
> 
> Given the following httpd.conf(5) configuration on an OpenBSD 5.9-stable
> machine???
> 
> server "pole.net.nz" {
>         hsts preload
>         hsts subdomains
>         listen on egress tls port 443
>         root "/htdocs/pole.net.nz"
>         tls certificate "/etc/letsencrypt/live/cellsites.nz/fullchain.pem"
>         tls key "/etc/letsencrypt/live/cellsites.nz/privkey.pem???
> }
> 
> ???all works as expected (or in other words, `httpd -n` doesn???t complain).
> 
> I will be using the same certificate for several websites since httpd(8) does
> not yet support SNI. So I thought I would create a macro for the path to the
> TLS certificate and key file and refer to it. So I changed my httpd.conf as
> follows???
> 
> abc="/etc/letsencrypt/live/cellsites.nz/fullchain.pem"
> def="/etc/letsencrypt/live/cellsites.nz/privkey.pem"
> server "pole.net.nz" {
>         hsts preload
>         hsts subdomains
>         listen on egress tls port 443
>         root "/htdocs/pole.net.nz"
>         tls certificate $abc
>         tls key $def
> }
> 
> ???however `httpd -n` fails with the following error ???
> 
> $ doas httpd -n
> /etc/httpd.conf:8: syntax error
> no actions, nothing to do
> 
> A similar error occurs if I explicitly define the path for the certificate
> (i.e. without using the macro) and use the macro for the key.
> 
> Are macros not supported for the 'tls certificate' and 'tls key' options?
> 
> Regards,
> James
> 
Seems like it should work, but I just tested with the same results.
-- 
Edgar Pettijohn

Reply via email to