OSError: [Errno 21 No such file or directory: '/var/lib/haproxy/selfsigned.key"
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
charm-haproxy |
New
|
Undecided
|
Unassigned |
Bug Description
Hello,
subtitle: Adding manual machines with DNS breaks selfsigned certificate generation
[Description]
When deploying haproxy on a manual machine with DNS, e.g juju add-machine ssh:<email address hidden>, the juju public address is configured as host.subdomain.
This causes an error with haproxy, where if SELFSIGNED is enabled in the ssl_cert configuration, HA proxy will put the public-address into the IP config:
/var/lib/
... rest of openssl config....
[alt_names]
IP.1 =SENV::
IP.2 -SENV::
The result is that the config-changed hook of haproxy fails:
139709383779456: error: 22098880:X509 V3 routines:
File "./hooks/
main (hook_name) File "./hooks/
config_changed() File "./hooks/
notify_
ssl_cert base64.
File/hooks/
gen_selfsigned_cert (cert_file, key_file) File ./hooks/
os.chown (key_file, uid, -1)
OSError: [Errno 21 No such file or directory: '/var/lib/
[Reproducer]
1. Create a new model in juju
2. Add a manual machine with DNS, e.g. juju add-machine ssh:<email address hidden>
3. Deploy haproxy with a backend application, and the SELFSIGNED configuration enabled.
[Workaround]
Edit the /var/lib/
[alt_names]
DNS.1 =SENV::
IP.1 -SENV::
Thanks,
Peter