haproxy fails to start after SSL certificate is updated

Solution In Progress - Updated -


After updating the public endpoint certificate for OpenStack, the haproxy resource is not starting anymore, failing with the following error:

 pcs status
Failed Resource Actions:
* haproxy-bundle-docker-0_start_0 on controller-0 'unknown error' (1): call=115, status=complete, exitreason='Newly created docker container exited after start',
    last-rc-change='Tue Nov  9 19:01:43 2021', queued=0ms, exec=1946ms

In the systemd journal, the following error is logged:

[root@controller-0 ~]$ journalctl --boot
Nov 09 17:54:03 controller-0.example.com dockerd-current[4716]: [ALERT] 312/175403 (12) : parsing [/etc/haproxy/haproxy.cfg:220] : 'bind' : unable to load SSL private key from PEM file '/etc/pki/tls/private/overcloud_endpoint.pem'.
Nov 09 17:54:03 controller-0.example.com dockerd-current[4716]: [ALERT] 312/175403 (12) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg


  • Red Hat OpenStack Platform 16

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content