Janis wrote:
Hi!
I tried to configure secondary proxy to use ssl for communications
with parent proxy, but can not succed.
there are cnf lines od secondary server:
cache_peer IP_addr parent PORT 3130 proxy-only ssl \
sslcert=/etc/ssl/host.cert \
sslkey=/etc/ssl/host.key \
sslflags=DONT_VERIFY_PEER
(I use self signed certificates), other sslflags (NO_DEFAUL_CA,
DONT_VERIFY_DOMAIN) caused bungled error
the best of what i got is:
fwdNegotiateSSL: Error negotiating SSL connection on FD 18:
error:00000000:lib(0):func(0):reason(0) (5/0/0).
On the parent server is acl allowing this secondary server to connect.
Are you using an http_port, or an https_port directive on the parent
server? What does it look like?
What is wrong or what must be configured at parent server (or
secondary also) for this to work? googling gave no useful help.
Both sides ar running squid-3.0st4 with ssl compiled in.
./configure --with-maxfd=8192 \
--prefix=/usr \
--sysconfdir=/etc/squid \
--localstatedir=/var/log/squid \
--enable-linux-netfilter \
--enable-ssl \
--with-pthreads \
--with-openssl \
$ARCH-slackware-linux
Janis
Chris
