[squid-users] sslcrtvalidator_program

Amos Jeffries squid3 at treenet.co.nz
Mon Jan 18 19:06:01 UTC 2021


On 19/01/21 5:53 am, Eliezer Croitoru wrote:
> Hey Alex,
> 
> I have tried to read the documentation and to compose a single certificate validation "call" or "request".
> The issue with this is that I am unable to do that.
> It would help a lot if a single verification request would be public and available to me and maybe others.
> The example shows:
> 0 cert_validate 1519 host=dmz.example-domain.com
> cert_0=-----BEGIN CERTIFICATE-----
> MIID+DCCA2GgAwIBAgIJAIDcHRUxB2O4MA0GCSqGSIb3DQEBBAUAMIGvMQswCQYD
> ...
> YpVJGt5CJuNfCcB/
> -----END CERTIFICATE-----
> error_name_0=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
> error_cert_0=cert0
> 
> so where ix the 0x01 byte and where are the new lines?


The \0x1 is the "logical line" terminator for the helper query. Which 
means it goes last. \n are used by the PEM format for certificates.


Amos


More information about the squid-users mailing list