Editor FoodSQM.com wrote:
Hello,
Maybe I am going about this wrong. I am running squid 2.6 with SSL
support to enable the https port.
The cert seems to be working fine with one exception.
I cannot sort out how to set up the the cert chain necessary Duane
Wessel's book make no mention of chain files for
certs, and about 20 minutes of googleing turns up nothing.
So does squid support chaining of certs as Apache does? (eg.
SSLCertificateChainFile /usr/local/ssl/private/IPS-IPSCABUNDLE.crt)
If it does where can I find the documentation? If not that's fine, but
I couldn't find an answer like "squid 2.x does not support that, you
must do something else"
According to
http://www.squid-cache.org/mail-archive/squid-users/200509/0289.html,
Squid 2.5 didn't support it natively, but did have a patch. Many of the
"unsupported" 2.5 patches were rolled into 2.6, but I can't tell (either
from the release notes
(http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE1-RELEASENOTES.html)
or the change logs
(http://www.squid-cache.org/Versions/v2/2.6/changesets/)) if the SSL
patch was.
Try following the tip in that maillist message and see if it works for you.
Here's another note with some more details:
http://www.squid-cache.org/mail-archive/squid-users/200611/0254.html
Which if I had seen that I wouldn't be writing to the list. I would be
doing something else right now.
cheers
sparky
Chris
