On 9/19/2012 1:44 PM, Linos wrote:
Hi,
i have been using Squid squid-3.2.0.17-20120527-r11561 in an Ubuntu Server
12.04 some time with ssl-bump without problems for a year, the ca cert expired
some days ago and with the new ca cert i installed squid 3.2.1 stable.
Now the proxy exists every time 10 or more users use https at the same time,
it's pretty strange, i have tried to downgrade to the old squid version but i
can't get the proxy to be stable no matter if using new or old version, i have
tried to recreate other cert just in case, same problem, i recreated too
squid_ssl_db and cache_dir, no matter what i do it keeps crashing, the cache log
read as this:
<SNIP>
I am using this ssl-bump line in squid.conf:
http_port 3150 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=16MB cert=/etc/squid3/ssl_cert/myCA.pem
I generated this myCA.pem using the instructions here
http://wiki.squid-cache.org/Features/DynamicSslCert
do you still have the old pem file?
If it's expired ok but it should be still running but creating defective
certificates.
did you changed ownership for the directory and files?
did you tried to run the command from shell to see if it works?
Eliezer
I don't know what more to do, could i do something to get a more clear error? i
have tried to use "debug_options ALL,9" but i only get much more noise (noise
for me at least). What could i do?
Regards,
Miguel Angel.
--
Eliezer Croitoru
https://www1.ngtech.co.il
IT consulting for Nonprofit organizations
eliezer <at> ngtech.co.il
