Hey Guy, Thanks for the direction. But i was able to figure it out. It was a problem with ssl_db directory permissions not set correctly due to which ssl_crtd programs were unable to write to it. They would then terminate and return a NULL to squid. Upon seeing that all the ssl_crtd children were dying, squid decided to shut it self also. Regards, -talha On Thu, May 3, 2012 at 10:05 PM, Guy Helmer <guy.helmer@xxxxxxxxxxxxxxxxxxx> wrote: > > On May 3, 2012, at 5:05 AM, Ahmed Talha Khan wrote: > >> Hey all, >> I am using squid 3.2.17 to generate dynamic certificates in my proxy >> setup. The certificate generation programs are crashing instantly when >> a generation request goes to them on opening an https page. My machine >> is RHEL 5 (kernel 2.6.18-194) x86_64. >> >> >> Here is my squid conf: >> >> >> http_port 192.168.8.40:3128 ssl-bump generate-host-certificates=on >> dynamic_cert_mem_cache_size=4MB >> cert=/home/talha/squid/www.sample.com.pem >> key=/home/talha/squid/www.sample.com.pem >> > > What are your ssl_crtd settings? They should be something like this: > > sslcrtd_program /usr/local/libexec/squid/ssl_crtd -s /var/log/squid/ssl_db -M 4MB > sslcrtd_children 32 startup=5 idle=1 > > depending on the path for the ssl_crtd executable and the directory you want ssl_crtd to use to store the cached certs and metadata. > > Hope this helps, > Guy > > -------- > This message has been scanned by ComplianceSafe, powered by Palisade's PacketSure. -- Regards, -Ahmed Talha Khan
