Disregard, I figured it out. In my helper script I had a mistake in counting the number of chars in my cert/key. Fixed that and now it works. On Mon, Dec 27, 2010 at 1:56 PM, Alex Ray <alexray@xxxxxxxxxxxxxxx> wrote: > Here are logs from /usr/local/squid/var/lib/ssl_db/index.txt > > V 131124202916Z 058BD142 unknown > /CN=www.microsoft.com-----BEGIN CERTIFICATE----- > V 131124203005Z 058BD143 unknown > /CN=clients1.google.com-----BEGIN CERTIFICATE----- > V 131124203006Z 058BD144 unknown > /CN=mail.google.com-----BEGIN CERTIFICATE----- > > > On Mon, Dec 27, 2010 at 1:00 PM, Alex Ray <alexray@xxxxxxxxxxxxxxx> wrote: >> No, the certificate is being made, just incorrectly. Look at the common name: >> >> microsoft.com-----BEGIN CERTIFICATE----- >> >> ^ I'm fairly sure that "-----BEGIN CERTIFICATE-----" shouldn't be a >> part of the CN for microsoft.com. >> >> On Mon, Dec 27, 2010 at 12:42 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: >>> On 28/12/10 06:42, Alex Ray wrote: >>>> >>>> Looks like dynamic ssl certs are still broken as of 3.2.0.4: >>>> >>>> microsoft.com uses an invalid security certificate. >>>> >>>> The certificate is not trusted because it is self-signed. >>>> The certificate is only valid for microsoft.com-----BEGIN CERTIFICATE----- >>>> >>>> (Error code: sec_error_untrusted_issuer) >>> >>> Does your browser trust the signing CA? >>> That message does not show up if the CA is installed in the browser. >>> >>> Amos >>> -- >>> Please be using >>> Current Stable Squid 2.7.STABLE9 or 3.1.10 >>> Beta testers wanted for 3.2.0.4 >>> >> > > > > -- > Alex Ray > > Technical Support Representative > > Enhanced Software Products, Inc. > > www.espsolution.net > > 800 456-5750 > > > > NOTICE: This e-mail may contain confidential or legally privileged > information and is intended solely for delivery to the specific person > identified as the recipient. Any review, re-transmission, > dissemination or other use or taking of any action in reliance upon > this e-mail by persons other than the intended recipient is prohibited > and may require legal action. If you receive this e-mail in error, > please contact me at the address above and delete from your computer > system, or otherwise from your records, the information, which was > transmitted to you in error. > -- Alex Ray Technical Support Representative Enhanced Software Products, Inc. www.espsolution.net 800 456-5750 NOTICE: This e-mail may contain confidential or legally privileged information and is intended solely for delivery to the specific person identified as the recipient. Any review, re-transmission, dissemination or other use or taking of any action in reliance upon this e-mail by persons other than the intended recipient is prohibited and may require legal action. If you receive this e-mail in error, please contact me at the address above and delete from your computer system, or otherwise from your records, the information, which was transmitted to you in error.
