On mån, 2008-06-02 at 13:41 +0300, Odhiambo Washington wrote: > (actually, this is supposed to be the only entry for cache_peer I am > goingto have?) If you only have one server, and that server is only talking http then yes there is only a single cache_peer.. > That has worked. It also requied a PEM passphrase. I hope this is not > supposed to be another problem. These ssl stuff! You can configure the password in squid.conf if the PEM key is encrypted, or easily decrypt it with the openssl rsa command. > In my case, I don't have a certificate for the external hostname, > which brings me back to the confusing issue regarding the certificate: > I can make a self-signed certificate for the external hostname. Not a > problem. However, does this mean I really don't need the internal > certifcate Exchange is using? Correct. > Suppose: > > My Squid host is publicly known as mail.odhiambo.COM (IP of 1.2.3.4) > My Exchange server is named msexch.msexch.odhiambo.BIZ (IP of 192.168.0.26) > > Given that both OWA and RPCoHTTPS are directed at these... > > What values should I use for the following variables (from the wiki): > > (a) owa_hostname? In https_port defaultsite you should use mail.odhiambo.COM as this is what the clients are expected to connect to. > (b) ip_of_owa_server? The ip of your exchange/owa server. > (c) rpcohttp.url.com? Ignore. That example uses a setup with more Exchange servers, where OWA is running on a separarate server from Exchange. > (d) the_exchange_server? Ignore as above. > >From there, I believe I will only get stuck at the ssl certificates > step, which is where I am still a bit confused. Since you are not going to use a real certificate then issue yourself a self-signed one using OpenSSL. openssl req -new -x509 -days 10000 -nodes -out mail.odhiambo.COM_selfsigned.pem -keyout mail.odhiambo.COM_key.pem Regards Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
