[squid-users] https_port question

Amos Jeffries squid3 at treenet.co.nz
Wed May 20 04:58:56 UTC 2015


On 20/05/2015 4:36 p.m., Alex Samad wrote:
> Hi
> 
> Looking at http://www.squid-cache.org/Doc/config/https_port/
> 
> I am trying to work out where I place intermediary CA certs.

In the file pointed to by cacert= parameter seems to work for some.


> 
> I am setting up a reverse proxy setup, trying to terminate the SSL here.
> 
> cert=  points to SSL certificate PEM file, this seems to be a public
> and private combo file. can I also place intermediary here ?

You can place any or all of the server keys in there. But due to
oddities in the OpenSSL API you need both the cert= and cacert=
https_port parameters pointing at it to use the intermediary ones inside.

Amos



More information about the squid-users mailing list