[squid-dev] Any code pointers to get sending certificate chain from squid reverse proxy with gnutls?

dsuh dsuhpublic at gmail.com
Thu Apr 29 06:09:57 UTC 2021


I have hit a wall as I want to listen on one https_port for 3 different
server key/cert chains.
Previous message about 2 years ago says this has not been implemented yet.
http://squid-web-proxy-cache.1019090.n4.nabble.com/sending-certificate-chain-from-squid-reverse-proxy-td4687986.html

I am looking at what it would take to get cert chains working.
I think the credentials are set for gnutls TLS handshake
with gnutls_credentials_set() call in CreateSession() in Session.cc
So, I think that ctx is used for session data for gnutls and also for
context data for openssl?
I think I kind of got lost on how I can make sure a cert chain (instead of
just the server cert) is set in ctx.
Any direction on where the server cert chain should be set for gnutls TLS
handshake would be appreciated.

David Suh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20210428/a27f50af/attachment.htm>


More information about the squid-dev mailing list