[squid-users] ***SPAM*** Re: Random SSL bump DB corruption

Stakres vdoctor at neuf.fr
Mon Apr 13 10:42:52 UTC 2015


Hi Amos, All,

We have done as you indicate, but the index.tx is still corrupted, have a
look:
*V	250406120057Z		2C564651B40D1F4F6CAFFF06EA8B201580E3B678	unknown
/CN=173.194.65.84+Sign=signTrusted+SignHash=SHA256
V	250406120057Z		71664F2E27C4E321B2A4F59EA3971D70C298DAFB	unknown
/CN=173.194.112.167+Sign=signTrusted+SignHash=SHA256
V	250406120057Z		45205F68B7AD2DEEBE408E55FF8DADE5C88F6A99	unknown
/CN=74.125.136.188+Sign=signTrusted+SignHash=SHA256
V	250406120057Z		6CFF07CBB3BE016022AF2EA75BA56EC99FD8256E	unknown
/CN=173.194.112.177+Sign=signTrusted+SignHash=SHA256
V	250406120057Z		5829213872C31284E8853C079BF51A0E50F89CF8	unknown
/CN=173.194.112.166+Sign=signTrusted+SignHash=SHA256
V	250406120057Z		06BC95EACDEEC116E11B1B6CE66C9179C4251D6E	unknown
/CN=173.194.112.164+Sign=signTrusted+SignHash=SHA256
V	250406120057Z		7ECFE99D51088BD0692A7439EBAFEDA38A29BC	unknown
/CN=173.194.112.185+Sign=signTrusted+SignHash=SHA256
V	150623000000Z		49F18ABCB410F18BE715AF26AEEB0EE4E1D89DC6	unknown
/C=US/ST=California/L=Mountain View/O=Google
Inc/CN=*.google.com+Sign=signTrusted+SignHash=SHA256
V	150623000000Z		3A2A74F1431B28F9E268B8762706F69597D11447	unknown
/C=US/ST=California/L=Mountain View/O=Google
Inc/CN=*.googleapis.com+Sign=signTrusted+SignHash=SHA256
V	150623000000Z		695CC4B75B9F38E29836BB211432FF8286966313	unknown
/C=US/ST=California/L=Mountain View/O=Google
Inc/CN=*.google-analytics.com+Sign=signTrusted+SignHash=SHA256
V	150623000000Z		21C204121B238D4B48F0196F4D644B7A5F775574	unknown
/C=US/ST=California/L=Mountain View/O=Google
Inc/CN=www.google.com+Sign=signTrusted+SignHash=SHA256
HA256
*

What's the *HA256* at the end of the file ?

here is the squid.conf (3.5.3):
sslproxy_capath /etc/ssl/certs
acl sslstep1 at_step SslBump1
ssl_bump peek sslstep1
ssl_bump bump all
ssl_bump splice all
sslcrtd_program /usr/local/squid3/lib/ssl_crtd -s /var/lib/ssl_db -M 8MB
sslcrtd_children 16 startup=5 idle=1

The Squid crash every 1-2 hours.
Seems the ssl_crtd fails in writing data tot he index.txt.

Thanks for your help.
Bye Fred



--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Random-SSL-bump-DB-corruption-tp4670289p4670708.html
Sent from the Squid - Users mailing list archive at Nabble.com.


More information about the squid-users mailing list