Thanks for your answer, here's the output after the upgrade:
[root@localhost ssl_cert]# squid -v
Squid Cache: Version 4.1
Service Name: squid
'--with-default-user=squid'
Error:
[root@localhost ssl_cert]# /usr/lib64/squid/security_file_certgen -c -s /usr/local/squid/var/cache/squid/ssl_db -M 4MB
Initialization SSL db...
/usr/lib64/squid/security_file_certgen: Cannot create /usr/local/squid/var/cache/squid/ssl_db
From the cache.log:
2018/08/28 09:00:36 kid1| Set Current Directory to /var/spool/squid
(security_file_certgen): Uninitialized SSL certificate database directory: /usr/local/squid/var/cache/squid/ssl_db. To initialize, run "security_file_certgen -c -s /usr/local/squid/var/cache/squid/ssl_db".
...
2018/08/28 09:00:37 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::]:3129 remote=[::] FD 17 flags=41
2018/08/28 09:00:37 kid1| WARNING: /usr/lib64/squid/security_file_certgen -s /usr/local/squid/var/cache/squid/ssl_db -M 4MB #Hlpr1 exited
2018/08/28 09:00:37 kid1| Too few /usr/lib64/squid/security_file_certgen -s /usr/local/squid/var/cache/squid/ssl_db -M 4MB processes are running (need 1/8)
Permissions:
drwxrwxrwx. 2 squid squid 6 Aug 28 08:45 ssl_db
drwxrwxrwx. 3 squid squid 20 Aug 28 08:45 squid
drwxrwxrwx. 3 squid squid 19 Aug 28 08:45 cache
drwxrwxrwx. 3 squid squid 19 Aug 28 08:45 var
drwxrwxrwx. 3 squid squid 17 Aug 28 08:45 squid
Status:
[root@localhost /]# systemctl status squid
● squid.service - Squid Web Proxy Server
Loaded: loaded (/usr/lib/systemd/system/squid.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2018-08-28 09:00:37 EDT; 2min 5s ago
Docs: man:squid(8)
Process: 4993 ExecStop=/usr/sbin/squidshut.sh (code=exited, status=255)
It doesn't matter if I create /squid with squid.squid user.group permissions with rwx, the error is always the same.
I'm downloading https://www.pfsense.org, will try from there. Also attached the squid.conf just in case.
Regards.
El mar., 28 ago. 2018 a las 8:28, Amos Jeffries (<squid3@xxxxxxxxxxxxx>) escribió:
On 28/08/18 7:13 AM, Maximiliano Santa Cruz wrote:
>
> Hello everybody.
>
> I've been struggling with this error:
>
> (ssl_crtd): Uninitialized SSL certificate database directory:
> /var/lib/ssl_db. To initialize, run "ssl_crtd -c -s /var/lib/ssl_db".
>
> I've tried a lot of workarounds from this mailing list but none of them
> worked for me, these are the permissions that I have:
>
> [root@localhost admin]# /usr/lib64/squid/ssl_crtd -c -s /var/lib/ssl_db
>
> [root@localhost admin]# ll /var/lib/ssl_db
> total 4
> drwxr-xr-x. 2 squid squid 6 Aug 27 15:06 certs
> -rw-r--r--. 1 squid squid 0 Aug 27 15:06 index.txt
> -rw-r--r--. 1 squid squid 1 Aug 27 15:06 size
>
Have you updated SELinux permissions after creating or changing the
directory?
test -x /sbin/restorecon && restorecon /var/lib/ssl_db
>
> OS: CentOS 7
> [root@localhost admin]# squid -v
> Squid Cache: Version 3.5.27
> Service Name: squid
>
Missing the configure options which will say what --with-default-user=
was set to. That account needs to match the one with rights to the
directory - it may not be "squid".
Also, please update to Squid-4. It has much better support for SSL-Bump
features than squid-3.x. Eliezer has packages available
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
Attachment:
squid.conf
Description: Binary data
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
