[squid-users] problem in squid certificate installtion
snakeeyes
ahmed.zaeem at netstream.ps
Wed Apr 22 07:30:17 UTC 2015
Hmmm , cant u provide more info??
I followed wiki
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate
but im still confused with certificates , if possible and don’t mind , could u tell me brief steps ?
thanks a lot for ur kind help
regards
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Yuri Voinov
Sent: Tuesday, April 21, 2015 11:19 AM
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] problem in squid certificate installtion
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Self-signed certificate is not suitable for use in a reverse proxy.
22.04.15 9:17, snakeeyes пишет:
> Hi
>
> I need to setup squid proxy as reverse proxy with https
enabled
>
> I tried the bash script below and it run ok :
>
> ###########################
>
> OPENSSL=/usr/bin/openssl
>
>
>
> SSLDIR=/etc/mydlp/ssl
>
>
>
> mkdir -p $SSLDIR || exit 1
>
>
>
> rm -rf $SSLDIR/*
>
>
>
> [ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 >
$SSLDIR/private.pem
>
>
>
> [ -e $SSLDIR/public.pem ] || (echo -e
>
<mailto:TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport at mydlp.com\n> "TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport at mydlp.com\n"|
$OPENSSL
> req -new -x509 -days 3650 -key $SSLDIR/private.pem -out
$SSLDIR/public.pem)
>
>
>
> [ -e $SSLDIR/user.der ] || $OPENSSL x509 -in
$SSLDIR/public.pem -outform DER
> -out $SSLDIR/user.der
>
> ######################################
>
>
>
>
>
> ls -l /etc/mydlp/ssl
>
> total 12
>
> -rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem
>
> -rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem
>
> -rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der
>
>
>
> ######################################
>
>
>
> Added to squid.conf :
>
>
>
> https_port 443 key=/etc/mydlp/ssl/private.pem
cert=/etc/mydlp/ssl/public.pem
>
>
>
>
>
>
>
> And when I start squid ,
>
>
>
> FATAL: No valid signing SSL certificate configured for
HTTPS_port [::]:443
>
> Squid Cache (Version 3.5.1): Terminated abnormally.
>
> CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys
>
> Maximum Resident Size: 271264 KB
>
> Page faults with physical i/o: 44
>
>
>
>
>
>
>
>
>
> Hope to help
>
>
>
> regards
>
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org <mailto:squid-users at lists.squid-cache.org>
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJVNpSSAAoJENNXIZxhPexGq+4H/3KGzflx2iP+/nYH9SITqmun
okbIgNUX31WbNYWy8Na+7fnEqE/e/Sfc5qGP2LhbL3iPz72pspBE0vpvLPvAa8iL
kak/CLDEaFXizPVhfPIi7FI9Vdpvl4D2Pfm3aHHXxoTFjmLvM6htTlNntNCYuG1P
iLm7gFUNC9pltRrEbnKmhxh3CKsc6iUC3L3muLLaH3WX7WJNtCzTxh+8OQKeDIh1
ZWAbvpXnPT6PdXI4rDF6+J16eC6TUo0stiWds2XsYH958AWJRwcHi5UL+Vgq1X6Z
9GWYZVKlXNxBfGR5Zv1anmmaDP2ouJG3DwI5U8Dqe6B6dcGYQWtU+m1Hieuy5Ko=
=BiO/
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150422/5422b956/attachment.html>
More information about the squid-users
mailing list