On 14/02/11 20:53, John Gardner wrote:
It does not matter where the files are generated. As long as they are
stored on the Squid box for Squid to access.
For Squid you do not have to install anything into OpenSSL, which is
just a library.
Thanks for the pointers Amos.
Hopefully I'm going to attempt to do it this way;
1) Export the file from the Windows server as a .pfx file
2) Separate the private key from the .pfx file;
openssl pkcs12 -in windows.pfx -out outputfile.txt -nodes
3) Extract the private key from outputfile.txt and store it as private.key
4) Then add the line to Squid;
https_port 443 cert=/usr/newrprgate/CertAuth/verisign.cert key=/usr/newrprgate/CertAuth/private.key defaultsite=mywebsite.mydomain.com vhost
Where;
private.key = the original private key of the Windows server that generated the original request
verisign.cert = the wildcard certificate back from Verisign
Can anybdy see any immediate faults with doing it this way?
Thanks
John
That matches what I would expect to work.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.11
Beta testers wanted for 3.2.0.4