[squid-users] SSL Bump with valid CA
afranoux
afranoux at orange.fr
Thu Jun 16 09:54:37 UTC 2016
Hello,
I'm student in computer lab and i finish a squid 3.5.19 with SSL-bump with
self signed certificat in intercept mode (work well).
Now i need to try to configurate squid with a non self-signed certificate
My gait:
openssl genrsa 2048 > redrocks.key
openssl req -new -key redrocks.key > redrocks.csr
after a visit to StartSSL in "Client S/MIME and Authentication Certificate"
i receive crt
openssl pkcs12 -export -in redrocks.crt -inkey redrocks.key -out
redrocks.p12
openssl pkcs12 -in redrocks.p12 -nodes -out redrocks.pem
squid.conf:
http_port 3128 intercept
https_port 3129 intercept ssl-bump \
generate-host-certificates=on \
dynamic_cert_mem_cache_size=4MB \
cert=/etc/squid/ssl_cert/redrocks.pem \
key=/etc/squid/ssl_cert/redrocks.pem
To read you,
Cordially
Arnaud
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160616/16eec5d8/attachment.html>
More information about the squid-users
mailing list