[squid-users] sslpassword_program

Michael Pelletier michael.pelletier at palmbeachschools.org
Sun Dec 18 20:21:07 UTC 2016


Check your file permissions on the key.

On Dec 18, 2016 2:13 PM, <creditu at eml.cc> wrote:

> I'm having trouble getting the sslpassword_program working for an
> encrypted key.  Config looks like this:
>
> sslpassword_program /usr/local/bin/pass.sh
> https_port 10.10.10.1:443 accel vhost cert=/etc/squid/www.crt
> key=/etc/squid/private.key
>
> On start, cache log states "Ignoring https_port 10.10.10.1:443 due to
> SSL initialization failure."
> On stop, console states "Failed to acquire SSL private key
> '/etc/squid/private.key': error:0200100D:system library:fopen:Permission
> denied"
>
> Removing the passphrase from the private key, squid starts normally.
> Permissions on the encrypted and non-encrypted keys are the same.  I
> also tried putting the pass.sh program in /bin.  The pass.sh program
> looks like this:
> #!/bin/sh
> echo "testing"
>
> The hash of the private key modulus and the certificate modulus match as
> well.
>
> Am I missing something? This is on squid 3.1.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>

-- 


*Disclaimer: *Under Florida law, e-mail addresses are public records. If 
you do not want your e-mail address released in response to a public 
records request, do not send electronic mail to this entity. Instead, 
contact this office by phone or in writing.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161218/9477f361/attachment.html>


More information about the squid-users mailing list