On 24/05/20 3:31 pm, Joshua Bazgrim wrote: > Squid 4.9 > Ubuntu 18.04.03 > > I'm trying to implement ssl-bumping into the frontend of a squid smp > setup, but I keep getting the following error: > FATAL: Ipc::Mem::Segment::open failed to > shm_open(/squid-tls_session_cache.shm): (2) No such file or directory > > shm is working correctly and generating/reading from other squid shm > files, but not properly generating this file upon start-up in SMP mode. > > My ssl-bump configuration works fine in non-smp mode. > I'm guessing it's some sort of race condition to do with improperly > setup config files for ssl-bumping, but unsure of how to correct it. > The SHM problem is likely an issue between the frontend and coordinator processes creating and accessing the /dev/shm path with different share names. However, you will have a bigger problem using SSL-Bump with this configuration. To cache the traffic requires the frontend to be using TLS to contact the backends. Which will make the frontend see the backend *proxy* certificate as the one to be mimic'd instead of the real origin certificate. You will need to separate these into a full multi-tenant configuration with SSL-Bump at both layers and interception of traffic leaving the frontend diverted into the backend. <https://wiki.squid-cache.org/MultipleInstances> Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
