[squid-users] No valid signing SSL certificate configured for HTTPS_port
itdirectconsulting at gmail.com
Tue Nov 8 08:51:54 UTC 2016
This could be the problem. I built another VM based on Debian and ended up
creating my own CA / PKI.
Self-signed certificates worked and I was able to move on at last.
Great learning experience to see how SSL / openssl works.
Now I am stuck with Windows client unable to connect to reverse-proxyfied
When I connect via NAT/PAT, I can get to OWA/ECP.
When squid is acting as reverse-proxy, connection is timing out.
Looks like my Exchange SSL is not working but I will deal with this later.
Thanks a lot for your help.
On Tue, Nov 8, 2016 at 6:18 AM, Amos Jeffries [via Squid Web Proxy Cache] <
ml-node+s1019090n4680457h1 at n4.nabble.com> wrote:
> On 6/11/2016 7:52 a.m., Garri Djavadyan wrote:
> > On 2016-11-05 23:10, konradka wrote:
> >> Hi Garri,
> >> Thanks for your responses mate !
> >> I did not realize that the squid was compiled with proxy user. Well
> >> spotted
> >> !
> >> It looks like permission's issue but squid error message is not giving
> >> away
> >> any more details.
> >> I will configure debug_options to see what is failing exactly.
> >> The modulus check is a good idea too so I will get this checked and
> >> post the
> >> results.
> > Actually, there should not be problems with DAC rights for user 'proxy',
> > I found that Squid reads the keys as root. But there may be problems
> > with MAC rights for Squid, if any enabled by default. As you use Ubuntu,
> > you should check AppArmor logs for problems indication.
> > The same error may appear, if path or filename is misspelled.
> Or if the key= parameter is listed before the cert= parameter. I have
> just made that case a different (and FATAL) error on config loading.
> After loading the cert and key from the relevant files, Squid verifies
> that they are a matching pair. This message is output if for any reason
> that check fails, or the loading fails.
> squid-users mailing list
> [hidden email] <http:///user/SendEmail.jtp?type=node&node=4680457&i=0>
> If you reply to this email, your message will be added to the discussion
> To unsubscribe from No valid signing SSL certificate configured for
> HTTPS_port, click here
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/No-valid-signing-SSL-certificate-configured-for-HTTPS-port-tp4680434p4680459.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users