Search squid archive

Re: ssl_crtd helpers are crashing to rapidly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 09.10.2012 10:41, Jesse Smith wrote:
I got it working, was missing the configure.ac file for my src distrib. 



What do you mean by this?


Now, i get that port 443 is binded and not available.
Something is already using it. Details would help. (but sort out the version you are using first, see below). 




On 10/8/2012 2:46 PM, Jesse Smith wrote:
Greetings, any help with this would be greatly appreciated. I am trying to use the ssl_bump option to dynamically generate certificates.
I am getting the/*'fatal ssl_crtd helpers are crashing to rapidly squid'*/ when running Squid *3.1.2.0* and openssl-*1.0.0i*.
"3.1.2.0" ?? there was no such number release. On stable releases of Squid we only have three numeric positions and the last one is always "1" or higher for our formal packages, never "0" (which would indicate the undocumented alpha code from before beta series started). 

Did you mean 3.1.20?



I have all the latest patches applied.
Then your version should be 3.1.21 (final 3.1 series release) or 3.2.2 (current stable release). There have been no patches ported to those series since either was packaged.
For SSL-bump feature related stuff please use 3.2 series at the oldest if your require "stable" stamp on any code built. 3.3 packages are starting to become available now for testing and have about the same stability as 3.2 series - and a *LOT* better SSL-Bump functionality. 

Amos



Here is my squid.conf:

   sslproxy_cert_error allow all

   always_direct allow all
   ssl_bump server-first

   http_port 10.1.10.136:3128 ssl-bump generate-host-certificates=on
   cert=/usr/local/squid3/certs/www.sample.com.pem accel vhost
   defaultsite=sd.primepubsafety.com

   https_port 10.1.10.136:3129 ssl-bump intercept
   generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
   cert=/usr/local/squid3/certs/www.sample.com.pem

   sslproxy_flags DONT_VERIFY_PEER

   sslcrtd_program /user/local/squid3/libexec/ssl_crtd -s -d
   :/usr/local/squid3/var/ssl_db -M 4MB
   sslcrtd_children 30 startup=5 idle=1
Permissions have been set on ssl_db for the Squid user. Swap directories have been created. 

Thanks,
Jesse
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux