[squid-users] problem in squid certificate installtion
snakeeyes
ahmed.zaeem at netstream.ps
Wed Apr 22 03:17:36 UTC 2015
Hi
I need to setup squid proxy as reverse proxy with https enabled
I tried the bash script below and it run ok :
###########################
OPENSSL=/usr/bin/openssl
SSLDIR=/etc/mydlp/ssl
mkdir -p $SSLDIR || exit 1
rm -rf $SSLDIR/*
[ -e $SSLDIR/private.pem ] || $OPENSSL genrsa 4096 > $SSLDIR/private.pem
[ -e $SSLDIR/public.pem ] || (echo -e
"TR\nAnkara\nTechnopolis\nMyDLP\nMyDLP\n*\nsupport at mydlp.com\n"| $OPENSSL
req -new -x509 -days 3650 -key $SSLDIR/private.pem -out $SSLDIR/public.pem)
[ -e $SSLDIR/user.der ] || $OPENSSL x509 -in $SSLDIR/public.pem -outform DER
-out $SSLDIR/user.der
######################################
ls -l /etc/mydlp/ssl
total 12
-rw-r--r-- 1 root root 3243 Apr 21 08:26 private.pem
-rw-r--r-- 1 root root 2090 Apr 21 08:26 public.pem
-rw-r--r-- 1 root root 1501 Apr 21 08:27 user.der
######################################
Added to squid.conf :
https_port 443 key=/etc/mydlp/ssl/private.pem cert=/etc/mydlp/ssl/public.pem
And when I start squid ,
FATAL: No valid signing SSL certificate configured for HTTPS_port [::]:443
Squid Cache (Version 3.5.1): Terminated abnormally.
CPU Usage: 10.189 seconds = 10.133 user + 0.056 sys
Maximum Resident Size: 271264 KB
Page faults with physical i/o: 44
Hope to help
regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150421/f88ac714/attachment.html>
More information about the squid-users
mailing list