Search squid archive

Re: problem in squid certificate installtion

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
Self-signed certificate is not suitable for use in a reverse proxy.

22.04.15 9:17, snakeeyes пишет:
> Hi
>
> I need to setup squid proxy as reverse proxy with https enabled
>
> I tried  the bash script below and it run ok :
>
> ###########################
>
> OPENSSL=/usr/bin/openssl
>

>
> SSLDIR=/etc/mydlp/ssl
>

>
> mkdir -p $SSLDIR || exit 1
>

>
> rm -rf $SSLDIR/*
>

>
> [ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 > $SSLDIR/private.pem
>

>
> [ -e $SSLDIR/public.pem ] || (echo -e
> "TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport@xxxxxxxxx\n"| $OPENSSL
> req -new -x509 -days 3650 -key $SSLDIR/private.pem -out $SSLDIR/public.pem)
>

>
> [ -e $SSLDIR/user.der ] || $OPENSSL x509 -in $SSLDIR/public.pem -outform DER
> -out $SSLDIR/user.der
>
> ######################################
>

>

>
> ls -l /etc/mydlp/ssl
>
> total 12
>
> -rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem
>
> -rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem
>
> -rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der
>

>
> ######################################
>

>
> Added to squid.conf :
>

>
> https_port 443 key=/etc/mydlp/ssl/private.pem cert=/etc/mydlp/ssl/public.pem
>

>

>

>
> And when I start squid ,
>

>
> FATAL: No valid signing SSL certificate configured for HTTPS_port [::]:443
>
> Squid Cache (Version 3.5.1): Terminated abnormally.
>
> CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys
>
> Maximum Resident Size: 271264 KB
>
> Page faults with physical i/o: 44
>

>

>

>

>
> Hope to help
>

>
> regards
>
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJVNpSSAAoJENNXIZxhPexGq+4H/3KGzflx2iP+/nYH9SITqmun
okbIgNUX31WbNYWy8Na+7fnEqE/e/Sfc5qGP2LhbL3iPz72pspBE0vpvLPvAa8iL
kak/CLDEaFXizPVhfPIi7FI9Vdpvl4D2Pfm3aHHXxoTFjmLvM6htTlNntNCYuG1P
iLm7gFUNC9pltRrEbnKmhxh3CKsc6iUC3L3muLLaH3WX7WJNtCzTxh+8OQKeDIh1
ZWAbvpXnPT6PdXI4rDF6+J16eC6TUo0stiWds2XsYH958AWJRwcHi5UL+Vgq1X6Z
9GWYZVKlXNxBfGR5Zv1anmmaDP2ouJG3DwI5U8Dqe6B6dcGYQWtU+m1Hieuy5Ko=
=BiO/
-----END PGP SIGNATURE-----

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux