Maik Fuss wrote:
Hi List,
I want to use Squid as a reverse proxy with ssl support, so i setup a
config like this:
<snip>
https_port 192.168.9.109:443 cert=/etc/squid/ssl/domain.tld.crt
key=/etc/squid/ssl/domain.tld.key vhost
http_port 192.168.9.109:80 vhost
cache_peer 192.168.222.109 parent 80 0 proxy-only no-query originserver
no-digest front-end-https=on sslcert=/domain.tld.crt
sslkey=/etc/squid/ssl/domain.tld.key name=109_http
Most peers use port 443 for HTTPS. Are you sure its running on port 80
that way?
acl testdomain dstdomain naturmed.online.biering.de
acl testdomain_ADR dst 192.168.222.109
acl testdomain_PORT port 80 443
cache_peer_access 109_http allow testdomain
http_access allow testdomain_ADR testdomain_PORT
</snap>
but..
if i restart squid i become this msg:
<snip>
Failed to acquire SSL certificate '/etc/squid/ssl/domain.tld.crt':
error:20074002:BIO routines:FILE_CTRL:system lib
<snap>
the cert's are from a ISP who says that's a modssl (apache) cert, so...
is the reason for this the wrong cert-type?
I don't know, sorry, lets hope someone else does.
the system is Gentoo
Amos
--
Please use Squid 2.7.STABLE1 or 3.0.STABLE6
