[squid-users] Default CA file
Yuri Voinov
yvoinov at gmail.com
Sat Feb 7 20:31:41 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You need openssl CA's bundle.
Which can be specify with capath= parameter.
08.02.2015 2:28, Hector Chan пишет:
> Hi all,
>
> I have a question about the CA file for SSL certificates. If I don't
specify anything for CA, what is default CA certs that squid will use
for the cache_peer ?
>
> Here is a snippet of my config file.
>
> https_port 127.0.0.1:4443 <http://127.0.0.1:4443> accel \
> cert=/etc/certs/certificate \
> key=/etc/certs/key \
> options=NO_SSLv2,NO_SSLv3
> ...
> cache_peer xyz.example.com <http://xyz.example.com> parent 443 0 \
> no-query originserver \
> ssl forceddomain= xyz.example.com <http://xyz.example.com> \
> login=PASS \
> sslcert=/etc/certs/certificate \
> sslkey=/etc/certs/key \
> ssloptions=NO_SSLv2,NO_SSLv3
> ...
>
> I am running squid-3.4.4 on CentOS 6.
>
> Thanks,
> Hector
>
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJU1nYtAAoJENNXIZxhPexG37YH/iN5GowI9WZOdUx7uVLTAlJn
+h7x1J/0vRLn0vb/KksGGbaJ0xdKUzFoLdvyYE8vhOpQnMX37zBKZgAmP1D/J5r+
+SOOiaxkG9pHoeqm3tvrVvCs8cQBOzHaweT1W7DORLSgigmOQWkHsq3vcYuAeQox
ext37UtLzsvuvZI/MbY9BIDya2qr51i67+w9cZkWeIVivnFDoA4zEHtFzQPzud+U
SXbkGBVYFVxbif+H8/6D6TyRBlBEo5meO7+T+0UDxd4Ny3vr/kZeVtW+iExmEulc
r/LESnctA/LAGBitDWpgcq7+xgwb1e20yvWio6UTNKORdDzYFY3cnJXDFzwuT1w=
=J6Qv
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150208/65211c92/attachment.html>
More information about the squid-users
mailing list