Search squid archive

Re: HTTPS Reverse Proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On fre, 2007-09-21 at 12:31 +0100, Gordon McKee wrote:

> here are the squid.conf line
> https_port 82.36.186.17:443 
> cert=/usr/local/etc/squid/sslcert/opl20070919.pem ca
> file=/usr/local/etc/squid/sslcert/opl-all.pem name=opls 
> defaultsite=www.optimalp
> rofit.com
> 
> cache_peer 192.168.0.11    parent   443  0  no-query originserver login=PASS 
> nam
> e=opls ssl sslcert=/usr/local/etc/squid/sslcert/opl20070919.pem
> cache_peer_domain opls www.optimalprofit.com



> 2007/09/21 12:24:41| fwdNegotiateSSL: Error negotiating SSL connection on FD 
> 19: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate 
> verify failed (1/-1/0)
> 2007/09/21 12:24:41| TCP connection to 192.168.0.11/443 failed
> 

You need to move cafile from https_port to cache_peer. It's the peers
certificate which is rejected.

It's not needed in https_port.

Regards
Henrik

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux