Thanks a lot! The problem was the ssl cert in the pem format, after getting this right everything works as it should! First I did export the cert (mmc using the Certification Snap In) export, without select the strong authentication option, and including the private key. I than processed the resulting in.pfx file with: openssl pkcs12 -in in.pfx -out out.pem Doing this I had to enter a pass phrase. Next I had to remove the pass phrase again: openssl rsa -in key.pem -out keyout.pem But after that the private key was missing. So the last step was to add the private key again using a text editor. There is probably a smarter way to do this. Theo Henrik Nordstrom-5 wrote: > > ons 2008-12-03 klockan 06:25 -0800 skrev TheoB: >> I have a running http reverse proxy setup. Now I want to add SSL. >> >> The first thing I try is to make squid listening on port 443: >> >> https_port 192.168.1.151:443 accel cert=C:/squid/ssl/xxx.pem >> key=C:/squid/ssl/xxx.pem defaultsite=mirror.xxx.com vhost > > looks fine. > >> Squid starts but is not listening on 192.168.1.151:443. In the log I see >> no >> indication that squid tries to set up an https listener. > > Is there any relevant warnings in cache.log? > > Do the pem file contain the certificate + unencrypted key? > > (for encrypted keys you need additional directives telling Squid how to > get the key encryption password) > > Also try starting Squid "interactively" from a command window: > > /squid/sbin/squid -n squid -DNYCd3 > > Regards > Henrik > > > -- View this message in context: http://www.nabble.com/SSL-on-Squid-2.7-Windows-tp20813896p20882109.html Sent from the Squid - Users mailing list archive at Nabble.com.
