security_file_certgen problem

["leomessi983@xxxxxxxxx" <leomessi983@xxxxxxxxx>]

Hi all

I compiled squid 4.6 with this options:

./configure \
--with-openssl \
--enable-ssl-crtd \
--prefix=/usr \
--enable-linux-netfilter \
--with-netfilter-conntrack \
--exec-prefix=/usr \
--includedir=/usr/include \
--datadir=/usr/share/squid \
--libdir=/usr/lib64 \
--libexecdir=/usr/lib64/squid \
--localstatedir=/var \
--sysconfdir=/etc/squid/ \
--sharedstatedir=/var/lib/ \
--with-logdir=/var/log/squid/ \
--enable-ltdl-convenience \
--enable-http-violations

And my configurations is:

acl Blk ssl::server_name "/var/squid/blk.list"
ssl_bump bump Blk
acl urlBlk dstdomain " /var/squid/blk.list"

reply_header_access Strict-Transport-Security deny all

http_access deny urlBlk

http_access allow all
http_port 0.0.0.0:3128
http_port 0.0.0.0:3129 tproxy
https_port 3130 tproxy ssl-bump \
        tls-cert=/etc/squid/ssl/myca.pem \
        generate-host-certificates=on dynamic_cert_mem_cache_size=20MB
sslcrtd_program /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB
sslcrtd_children 10 startup=5 idle=1
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump splice all
shutdown_lifetime 5 seconds
cache deny all
cache_mem 0

After that i use squid to block https requests, when i try to get blocked https site i get this error in my cache.log:

2019/03/18 16:46:11| WARNING: /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB #Hlpr1 exited

2019/03/18 16:46:11| Too few /usr/lib64/squid/security_file_certgen -s /var/lib/ssl_db -M 20MB processes are running (need 1/10)
2019/03/18 16:46:11| Starting new helpers
2019/03/18 16:46:11| helperOpenServers: Starting 1/10 'security_file_certgen' processes
2019/03/18 16:46:11| "ssl_crtd" helper returned <NULL> reply.

What is wrong? what am i do?!

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users