Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error : cannot load server cert/key: tls: found a certificate rather than a key in the PEM for the private key #387

Open
harunobukameda opened this issue Aug 18, 2023 · 1 comment

Comments

@harunobukameda
Copy link

harunobukameda commented Aug 18, 2023

I encounter below error when I use key generated by certbot.

2023/08/18 05:55:14 [ERROR] cannot load server cert/key: tls: found a certificate rather than a key in the PEM for the private key
2023/08/18 05:55:14 [FATAL] the server cert/key need to be generated; set the hostname, zone_id, and origin_ca_api_key values in your config file, or run the server with either the --config-only or --manual-activation flag to generate the pair interactively

gokeyless.yaml:

private_key_stores:

  • dir: /etc/keyless/keys

/etc/keyless/keys/

-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCsa0e4FgxLMoTx
Z3cw7ahCJBjS4+iz22/WnNlKa2ggh1jUyY7TATA5qkqxw79Iqgr5emd6a/vow7a1
DgNmpDVNzQqewBjdRjaHcrVe7M8J3YTP8yo4Tru1Io+Z8+OemyZaiba2xV61vw5B
Us7Vcg8/rO8LFGDzXkFjElHBP0d5uFzHZJPrTNZr6fpWefLDEuKecY2P6Y+CPDUT
zoa/vPBbh11jE41VIoQD4gf8YcSXbwV+GhTgdabVwC5nAYqNmW8UMEjE9Ae6ZO33
yV8ThMGmsDv+jIlQ0qVX3XbQ30zjcGbyrkcttaoZrMAwvW9Q6s/5gCfDYoZao8bL
dCsHSjtxAgMBAAECggEAfihtLLwtOKR5c+2B3/I1KFgjNcP/VALfHUhdEb/vS8Xc
8K2ebLQ05iy9RL726qNJLmwq5P+4LgNuX6ImSOcj/Y5nE+t5BgdHBOqg3RknEI/e
iw3guZyaahokusAir73UXXDgmXFnMFLgilmd773qfGv76L57hfdUnrobyeuUT/Gr
flGq5kknsCCZ+no5AEvYfUmEZIQWYr4+h7IMMBEnwgJIH0soAQVBPQC3gX9DntYS
AhHsx4UCWJmviQn5FgzIOHtunyd/ffI285gysMrU8Ddu2H2/Zuo3g05K8HDGqoVg
eZse7bkISmMeC286fu7POwRRK3ZAnniHGBm9dXwsJQKBgQDaGmDdtwLGGOr5VX2X
ZhYtLIC1DFZm61agCnQnYlqMZo+jA8c6Dr9r+fAa8wmqa6A5JXk/Cbh/RezbRXTg
JhyCaSAuc99RA8EKRCnP6UAo8FWtVflZXB70li4Lu2/YNkJo+rZhazj5nt59iDNy
6G/Av7mUkqv3elHqbC15qb3hbwKBgQDKYMuFsArNTWpvwdh1NbOVEkNZflBUusTA
//m1M/BzU2P+Sqx+Ftnll+niIk75AIpZGLs8PEIRxD1DLPHQjw7fu0GxL8ieqS2L
d4l3fRfKmzMoiZ5qNkhninAADsTfRniKLOLl6Pe2Ck3VavOwmYZA6Z/8oiUEkPjS
QJMxAP2BHwKBgA4zR3lIECMrvijLuyifWfRJAHxJOFrtGa/D3not+i1IBDQd69vI
iw3guZyaahokusAir73UXXDgmXFnMFLgilmd773qfGv76L57hfdUnrobyeuUT/Gr
flGq5kknsCCZ+no5AEvYfUmEZIQWYr4+h7IMMBEnwgJIH0soAQVBPQC3gX9DntYS
AhHsx4UCWJmviQn5FgzIOHtunyd/ffI285gysMrU8Ddu2H2/Zuo3g05K8HDGqoVg
eZse7bkISmMeC286fu7POwRRK3ZAnniHGBm9dXwsJQKBgQDaGmDdtwLGGOr5VX2X
ZhYtLIC1DFZm61agCnQnYlqMZo+jA8c6Dr9r+fAa8wmqa6A5JXk/Cbh/RezbRXTg
JhyCaSAuc99RA8EKRCnP6UAo8FWtVflZXB70li4Lu2/YNkJo+rZhazj5nt59iDNy
6G/Av7mUkqv3elHqbC15qb3hbwKBgQDKYMuFsArNTWpvwdh1NbOVEkNZflBUusTA
//m1M/BzU2P+Sqx+Ftnll+niIk75AIpZGLs8PEIRxD1DLPHQjw7fu0GxL8ieqS2L
d4l3fRfKmzMoiZ5qNkhninAADsTfRniKLOLl6Pe2Ck3VavOwmYZA6Z/8oiUEkPjS
QJMxAP2BHwKBgA4zR3lIECMrvijLuyifWfRJAHxJOFrtGa/D3not+i1IBDQd69vI
2AfEtzBaAJga98ygtvs2u891kw1XwVtSv+pxw8mie7i/oNL1Sy+hRS8lLr7haSG7
ULymBot3Abo3Fi3VnQhMveHqyRutQYRKw/Ptx7x3rECpsymrL27LcXR7AoGBAJNr
x1XvUy8SgcI/NurK37Jrx1vdw661DrZ4wPHakAGycVjAFL8U7k1tSBZOX7DLT/xv
I5VRX9+JUAcrKkt+qpsX0Va9NCs/mcnKnfzIxxfzzmRtO1Srjjq+ga/JEmiC8TPW
VsKb3jZhcylP64xtiXqntL9XbhfRcy/VkmNUEVaJAoGAMrJ2K8Tpv+ktK3+Ykxs8
JIP0YSPuKLDMpdJOeaOXj4FrVVEQOdp2ukLqG0teyFy0LXGIqUqcV8xG4wWqb8lg
i387Cw6BdcfUrj+fpg5BUnbgE+ER9iH8petD8YKBKTFYXQYy85YbaEoCjcz35Th/
zRepThQ8vKjp3H3gr4WHO+g=
-----END PRIVATE KEY-----

What did I miss?

@nickysemenza
Copy link
Member

There's a cert and key used for gokeyless communication, that's what the error is referring to. It's not related to the private keys you put in /etc/keyless/keys/. Try running the bootstrapping process (e.g. --config-only )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants