Hmmm , cant u provide more info?? I followed wiki http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate but im still confused with certificates , if possible and don’t mind , could u tell me brief steps ? thanks a lot for ur kind help regards From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Yuri Voinov
> > I need to setup squid proxy as reverse proxy with https enabled > > I tried the bash script below and it run ok : > > ########################### > > OPENSSL=/usr/bin/openssl > > > > SSLDIR=/etc/mydlp/ssl > > > > mkdir -p $SSLDIR || exit 1 > > > > rm -rf $SSLDIR/* > > > > [ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 > $SSLDIR/private.pem > > > > [ -e $SSLDIR/public.pem ] || (echo -e > "TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport@xxxxxxxxx\n"| $OPENSSL > req -new -x509 -days 3650 -key $SSLDIR/private.pem -out $SSLDIR/public.pem) > > > > [ -e $SSLDIR/user.der ] || $OPENSSL x509 -in $SSLDIR/public.pem -outform DER > -out $SSLDIR/user.der > > ###################################### > > > > > > ls -l /etc/mydlp/ssl > > total 12 > > -rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem > > -rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem > > -rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der > > > > ###################################### > > > > Added to squid.conf : > > > > https_port 443 key=/etc/mydlp/ssl/private.pem cert=/etc/mydlp/ssl/public.pem > > > > > > > > And when I start squid , > > > > FATAL: No valid signing SSL certificate configured for HTTPS_port [::]:443 > > Squid Cache (Version 3.5.1): Terminated abnormally. > > CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys > > Maximum Resident Size: 271264 KB > > Page faults with physical i/o: 44 > > > > > > > > > > Hope to help > > > > regards > > > > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users