|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Said it was enough to understand. :) I strictly recommend to start from here: http://en.wikipedia.org/wiki/Public_key_infrastructure 22.04.15 13:30, snakeeyes пишет: > Hmmm , cant u provide more info?? > > I followed wiki > > http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate > > > > but im still confused with certificates , if possible and don’t mind , could u tell me brief steps ? > > > > thanks a lot for ur kind help > > > > regards > > > > From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Yuri Voinov > Sent: Tuesday, April 21, 2015 11:19 AM > To: squid-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Re: problem in squid certificate installtion > > > > > Self-signed certificate is not suitable for use in a reverse proxy. > > 22.04.15 9:17, snakeeyes пишет: > > Hi > > > > > > > > > I need to setup squid proxy as reverse proxy with https > > enabled > > > > > > > > > I tried the bash script below and it run ok : > > > > > > > > > ########################### > > > > > > > > > OPENSSL=/usr/bin/openssl > > > > > > > > > > > > > > > > > SSLDIR=/etc/mydlp/ssl > > > > > > > > > > > > > > > > > mkdir -p $SSLDIR || exit 1 > > > > > > > > > > > > > > > > > rm -rf $SSLDIR/* > > > > > > > > > > > > > > > > > [ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 > > > $SSLDIR/private.pem > > > > > > > > > > > > > > > > > [ -e $SSLDIR/public.pem ] || (echo -e > > > > > > <mailto:TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport@xxxxxxxxx\n> "TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport@xxxxxxxxx\n"| > > $OPENSSL > > > > > req -new -x509 -days 3650 -key $SSLDIR/private.pem -out > > $SSLDIR/public.pem) > > > > > > > > > > > > > > > > > [ -e $SSLDIR/user.der ] || $OPENSSL x509 -in > > $SSLDIR/public.pem -outform DER > > > > > -out $SSLDIR/user.der > > > > > > > > > ###################################### > > > > > > > > > > > > > > > > > > > > > > > > > ls -l /etc/mydlp/ssl > > > > > > > > > total 12 > > > > > > > > > -rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem > > > > > > > > > -rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem > > > > > > > > > -rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der > > > > > > > > > > > > > > > > > ###################################### > > > > > > > > > > > > > > > > > Added to squid.conf : > > > > > > > > > > > > > > > > > https_port 443 key=/etc/mydlp/ssl/private.pem > > cert=/etc/mydlp/ssl/public.pem > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > And when I start squid , > > > > > > > > > > > > > > > > > FATAL: No valid signing SSL certificate configured for > > HTTPS_port [::]:443 > > > > > > > > > Squid Cache (Version 3.5.1): Terminated abnormally. > > > > > > > > > CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys > > > > > > > > > Maximum Resident Size: 271264 KB > > > > > > > > > Page faults with physical i/o: 44 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Hope to help > > > > > > > > > > > > > > > > > regards > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > squid-users mailing list > > > > > squid-users@xxxxxxxxxxxxxxxxxxxxx <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx> > > > > > http://lists.squid-cache.org/listinfo/squid-users > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJVNsJ5AAoJENNXIZxhPexGE7IH/3JpGhiwEg2puuCiCxOu81re GcldpwyP3rdJ5TRF/IxFV1K++a+lNDvppVORQwLCpFX6uY3XeBh2Lsn4lsenpV7n dGBIcKm4eP34ko8EAyjFjKcpoyF9ocl6ygX7XlVgqEE6PYZZG+GJOz2DOPe2u3kg RWPQjFLHY0DLKgFTj9h3/uLb+6D+opTYH+5dN3vkuf0jAAuQuGaCz9F5wbnxu8Q9 G2zvWqmRbye2hd3ukHbPY0wRyjHZCiFMBF5Q69ciJJzOqDjPd5+0tkg+o+9AcznL 1Q4gZQADMdf3RcDZ42HhINxoqSeiBiRw8SP67/XATb38giwc1/pppVbgMHGBPOc= =tltw -----END PGP SIGNATURE----- |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
