Hi I need to setup squid proxy as reverse proxy with https enabled I tried the bash script below and it run ok : ########################### OPENSSL=/usr/bin/openssl SSLDIR=/etc/mydlp/ssl mkdir -p $SSLDIR || exit 1 rm -rf $SSLDIR/* [ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 > $SSLDIR/private.pem [ -e $SSLDIR/public.pem ] || (echo -e "TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport@xxxxxxxxx\n"| $OPENSSL req -new -x509 -days 3650 -key $SSLDIR/private.pem -out $SSLDIR/public.pem) [ -e $SSLDIR/user.der ] || $OPENSSL x509 -in $SSLDIR/public.pem -outform DER -out $SSLDIR/user.der ###################################### ls -l /etc/mydlp/ssl total 12 -rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem -rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem -rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der ###################################### Added to squid.conf : https_port 443 key=/etc/mydlp/ssl/private.pem cert=/etc/mydlp/ssl/public.pem And when I start squid , FATAL: No valid signing SSL certificate configured for HTTPS_port [::]:443 Squid Cache (Version 3.5.1): Terminated abnormally. CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys Maximum Resident Size: 271264 KB Page faults with physical i/o: 44 Hope to help regards |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
