On 19/03/19 2:26 am, leomessi983 wrote: > Hi all > I compiled squid 4.6 with this options: > ... > > And my configurations is: ... > sslcrtd_program /usr/lib64/squid/security_file_certgen -s > /var/lib/ssl_db -M 20MB Have you initialized the /var/lib/ssl_db directory using the low-privilege account Squid operates as? > > After that i use squid to block https requests, when i try to get > blocked https site i get this error in my cache.log: > > 2019/03/18 16:46:11| WARNING: /usr/lib64/squid/security_file_certgen -s > /var/lib/ssl_db -M 20MB #Hlpr1 exited The helper should have output a message before it shutdown. If that managed to get written it would occur somewhere before this line in your cache.log. > 2019/03/18 16:46:11| Too few /usr/lib64/squid/security_file_certgen -s > /var/lib/ssl_db -M 20MB processes are running (need 1/10) > 2019/03/18 16:46:11| Starting new helpers > 2019/03/18 16:46:11| helperOpenServers: Starting 1/10 > 'security_file_certgen' processes > 2019/03/18 16:46:11| "ssl_crtd" helper returned <NULL> reply. > > > What is wrong? what am i do?! > Usually run the helper manually with the -c option to initialize the OpenSSL certificate storage before using it. Make sure this is done with the same user account Squid will be using when it runs. Also make sure that anything like AppArmor or SELinux that does advanced filesystem permissions is updated to permit access to Squid. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
