Search squid archive

Dynamic Certs - No Valid SSL Signing Cert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



When trying to generate dynamic certs using ssl-bump and Squid 3.3, we are getting the "No Valid SSL Signing Cert .." message, though the path to the cert is correct, as is the permissions on the cert file.

We are trying to use a CA cert for the purpose of signing the dynamically generated cert. The Squid config is for https port is below:

=============================================================
https_port 10.1.10.136:443 ssl-bump intercept generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/var/ssl_db/certs/DigiCertHighAssuranceEVRootCA.crt vhost
=============================================================

Does anyone know why this cert would not be a valid signing cert? It works when using a self-signed cert, but get the message Protocol error (TLS code: X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT), because the signing cert is not trusted to sign the generated cert, hence going with the CA cert for trusted signing.

Thanks,
Jesse


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux