Fixes #26088 - ensure RSA word for SSLProxyMachineCertificateFile
Apaches's SSLProxyMachineCertificateFile is not able to find a key wrapped in `-----BEGIN PRIVATE KEY-----`, which is the format that is generated when running the server in FIPS mode. It seems that just making sure the RSA word is there make Apache happy to find the key.
I've added `force_rsa` option for the cert files resources to enforce the RSA word to be there when wrapping the private key + used that to generate the client bundle for SSL proxy to use it.
Related issues
Bug #26088: httpd fails to start after installing capsule in FIPS mode
Added by Ivan Necas over 5 years ago
Fixes #26088 - ensure RSA word for SSLProxyMachineCertificateFile
Apaches's SSLProxyMachineCertificateFile is not able to find a key
wrapped in `-----BEGIN PRIVATE KEY-----`, which is the format that is
generated when running the server in FIPS mode. It seems that just making
sure the RSA word is there make Apache happy to find the key.
I've added `force_rsa` option for the cert files resources to enforce the
RSA word to be there when wrapping the private key + used that to
generate the client bundle for SSL proxy to use it.