Problem:
I’m trying to load Let’s Encrypt certificates into Foreman for various purposes and finding that it doesn’t seem to like my ec256 keys, as generated by “lego”.
2022-05-01 01:09:37 [ERROR ] [configure] May 01 01:09:37 foreman01 smart-proxy[30533]: 2022-05-01T01:09:37 [E] Unable to load private SSL key. Are the values correct in settings.yml and do permissions allow reading?
2022-05-01 01:09:37 [ERROR ] [configure] May 01 01:09:37 foreman01 smart-proxy[30533]: 2022-05-01T01:09:37 [W] Error details for Unable to load private SSL key. Are the values correct in settings.yml and do permissions allow reading?: <OpenSSL::PKey::RSAError>: Neither PUB key nor PRIV key: nested asn1 error
2022-05-01 01:09:37 [ERROR ] [configure] May 01 01:09:37 foreman01 smart-proxy[30533]: /usr/share/foreman-proxy/lib/launcher.rb:113:in `initialize'
Looking at the code…
def load_ssl_private_key(path)
  OpenSSL::PKey::RSA.new(File.read(path))
end
I get the impression it’s loading keys specifically assuming they’re RSA keys, which breaks when it encounters a non-RSA key.
Expected outcome:
To be able to load the key.
Foreman and Proxy versions:
Foreman installer 3.2.
Distribution and version:
Debian 11
Other relevant data:
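
The difference between an RSA-only loader and key-type detection, as an added example that is not part of the original post and is not Foreman's code. The loader names and the keys generated in-process are assumptions made for illustration; `OpenSSL::PKey.read` is the Ruby standard-library call that picks the key class from the PEM contents.

```ruby
require "openssl"

# Loader shape quoted in the post: it only accepts RSA keys.
def load_rsa_only(pem)
  OpenSSL::PKey::RSA.new(pem)
end

# Hypothetical type-agnostic loader (name is an assumption, not project code).
# OpenSSL::PKey.read returns an RSA, EC or DSA object depending on the PEM.
def load_any_private_key(pem)
  key = OpenSSL::PKey.read(pem)
  # Reject public-key PEMs so a misconfigured path fails at load time.
  unless key.respond_to?(:private?) && key.private?
    raise ArgumentError, "PEM does not contain an RSA, EC or DSA private key"
  end
  key
end

# Returns the exception class a loader raises for this PEM, or nil on success.
def load_failure(loader, pem)
  method(loader).call(pem)
  nil
rescue OpenSSL::PKey::PKeyError, ArgumentError => e
  e.class
end

# Shows the loaded key is usable by signing and verifying a message with it.
def sign_roundtrip?(key, data = "constructed test message")
  digest = OpenSSL::Digest.new("SHA256")
  key.verify(digest, key.sign(digest, data), data)
end

# Constructed sample keys, generated in-process so nothing is read from disk.
EC_PEM         = OpenSSL::PKey::EC.generate("prime256v1").to_pem
RSA_KEY        = OpenSSL::PKey::RSA.generate(2048)
RSA_PEM        = RSA_KEY.to_pem
RSA_PUBLIC_PEM = RSA_KEY.public_key.to_pem

if __FILE__ == $PROGRAM_NAME
  puts "RSA-only loader, EC key:  #{load_failure(:load_rsa_only, EC_PEM).inspect}"
  puts "RSA-only loader, RSA key: #{load_failure(:load_rsa_only, RSA_PEM).inspect}"
  puts "PKey.read, EC key:        #{load_any_private_key(EC_PEM).class}"
  puts "PKey.read, RSA key:       #{load_any_private_key(RSA_PEM).class}"
  puts "PKey.read, public PEM:    #{load_failure(:load_any_private_key, RSA_PUBLIC_PEM).inspect}"
  puts "EC key signs/verifies:    #{sign_roundtrip?(load_any_private_key(EC_PEM))}"
end
```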