Search squid archive

Re: problem in squid certificate installtion

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hmmm ,  cant u  provide more info??

I followed wiki

http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate

 

but im still confused with certificates , if possible and don’t mind , could u tell me brief steps ?

 

thanks a lot for ur kind help

 

regards

 

From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Yuri Voinov
Sent: Tuesday, April 21, 2015 11:19 AM
To: squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: problem in squid certificate installtion

 


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
Self-signed certificate is not suitable for use in a reverse proxy.

22.04.15 9:17, snakeeyes пишет:
> Hi

      >

      > I need to setup squid proxy as reverse proxy with https

      enabled

      >

      > I tried  the bash script below and it run ok :

      >

      > ###########################

      >

      > OPENSSL=/usr/bin/openssl

      >

      > 

      >

      > SSLDIR=/etc/mydlp/ssl

      >

      > 

      >

      > mkdir -p $SSLDIR || exit 1

      >

      > 

      >

      > rm -rf $SSLDIR/*

      >

      > 

      >

      > [ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 >

      $SSLDIR/private.pem

      >

      > 

      >

      > [ -e $SSLDIR/public.pem ] || (echo -e

      >

      "TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport@xxxxxxxxx\n"|

      $OPENSSL

      > req -new -x509 -days 3650 -key $SSLDIR/private.pem -out

      $SSLDIR/public.pem)

      >

      > 

      >

      > [ -e $SSLDIR/user.der ] || $OPENSSL x509 -in

      $SSLDIR/public.pem -outform DER

      > -out $SSLDIR/user.der

      >

      > ######################################

      >

      > 

      >

      > 

      >

      > ls -l /etc/mydlp/ssl

      >

      > total 12

      >

      > -rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem

      >

      > -rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem

      >

      > -rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der

      >

      > 

      >

      > ######################################

      >

      > 

      >

      > Added to squid.conf :

      >

      > 

      >

      > https_port 443 key=/etc/mydlp/ssl/private.pem

      cert=/etc/mydlp/ssl/public.pem

      >

      > 

      >

      > 

      >

      > 

      >

      > And when I start squid ,

      >

      > 

      >

      > FATAL: No valid signing SSL certificate configured for

      HTTPS_port [::]:443

      >

      > Squid Cache (Version 3.5.1): Terminated abnormally.

      >

      > CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys

      >

      > Maximum Resident Size: 271264 KB

      >

      > Page faults with physical i/o: 44

      >

      > 

      >

      > 

      >

      > 

      >

      > 

      >

      > Hope to help

      >

      > 

      >

      > regards

      >

      >

      >

      >

      > _______________________________________________

      > squid-users mailing list

      > squid-users@xxxxxxxxxxxxxxxxxxxxx

      > http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJVNpSSAAoJENNXIZxhPexGq+4H/3KGzflx2iP+/nYH9SITqmun
okbIgNUX31WbNYWy8Na+7fnEqE/e/Sfc5qGP2LhbL3iPz72pspBE0vpvLPvAa8iL
kak/CLDEaFXizPVhfPIi7FI9Vdpvl4D2Pfm3aHHXxoTFjmLvM6htTlNntNCYuG1P
iLm7gFUNC9pltRrEbnKmhxh3CKsc6iUC3L3muLLaH3WX7WJNtCzTxh+8OQKeDIh1
ZWAbvpXnPT6PdXI4rDF6+J16eC6TUo0stiWds2XsYH958AWJRwcHi5UL+Vgq1X6Z
9GWYZVKlXNxBfGR5Zv1anmmaDP2ouJG3DwI5U8Dqe6B6dcGYQWtU+m1Hieuy5Ko=
=BiO/
-----END PGP SIGNATURE-----

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux