Web Safety Sync Fails with Crypto/TLS error
If you have manually generated the Root Decryption Certificate for HTTPS decryption, it might be possible for the Web Safety Sync daemon to fail to start - although the HTTPS decryption in itself works normally. The error usually contains the following message.
This happens when PEM file contains unexpected order of Private Key and Certificate. For the Web Safety Sync daemon to work correctly the myca.pem file should have the Private Key first, followed by the Certificate.
If you open the /opt/websafety/etc/myca.pem
file in any text editor the -----BEGIN PRIVATE KEY-----
section should be first, followed by the -----BEGIN CERTIFICATE-----
section.
This issue contains more information why this might happen and how to fix this error.