[squid-users] Help getting Squid 3.4 Transparent Proxy to Work

Yuri Voinov yvoinov at gmail.com
Fri Jan 9 20:56:34 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Matt,

you need self-signed root CA certificate with private key to HTTPS
interception work with ssl-bump.

Config lines must looks like this:

http_port 3127
http_port 3128 intercept

https_port 3129 intercept ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/etc/rootCA.crt
key=/usr/local/squid/etc/rootCA.key capath=/etc/opt/csw/ssl/certs

WBR, Yuri

10.01.2015 2:19, mattatrmc пишет:
> Hello Everyone,
>
> I'm not to this forum and using Squid.  I've downloaded and installed
Squid
> 3.4 on OpenBSD.  I'm currently attempting to get the program to run as a
> transparent proxy.  I'm currently getting the following error message, and
> I'm not quite sure what is causing it, I've verified that my certificates
> are correct.  Any help would be very much appreciated.
>
> FATAL: No valid signing SSL certificate configured for http_port
> 0.0.0.0:3128
>
> Thanks,
>
> Matt
>
>
>
> --
> View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Help-getting-Squid-3-4-Transparent-Proxy-to-Work-tp4669007.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJUsECBAAoJENNXIZxhPexG+lUH/3JeVd7YIaLzbCY3o4k852gt
qBkt0Jk8IRKDaMmxeLcTu7drVz3FWp7Hk7kQneWNWoywSGEXgQzwCRGDMxx2aPjH
+35XiX39rSUx9/H6v6kOLtjLqmRaLSB95jnZUbFtBjVXdhpm3+BLwrTGf8j1WwVu
G5YPJigRCLAabXU3v9iIMn5qQ/awKm0+N1P3D+vvDpsvkTufbAEgijjAEmyAJZyM
/KRvh2OlEqox7rp0V7RGupUa629Oeze8/Dy3wAVWUTaloE3bUFK0avSalpcpfvgC
vktLeM2e5JIrTWY0p565SDnAdxIFL4f97z0N963xi4D8B0upp4lx2Fa8i/p/FZE=
=UfJb
-----END PGP SIGNATURE-----



More information about the squid-users mailing list