[squid-users] 3.5.6: need help: FATAL: No valid signing SSL certificate but openssl verify is OK
David Touzeau
david at articatech.com
Mon Jul 27 08:20:10 UTC 2015
Thanks Amos, i have removed the generate-host-certificates
http_port 0.0.0.0:3128 ssl-bump dynamic_cert_mem_cache_size=4MB
cert=/etc/squid3/ssl/chain.pem
But Squid still not want load the couple of Ca and certificate.
2015/07/27 10:16:30| Using certificate in /etc/squid3/ssl/chain.pem
2015/07/27 10:16:30| storeDirWriteCleanLogs: Starting...
2015/07/27 10:16:30| Finished. Wrote 0 entries.
2015/07/27 10:16:30| Took 0.00 seconds ( 0.00 entries/sec).
FATAL: No valid signing SSL certificate configured for HTTP_port
0.0.0.0:3128
Squid Cache (Version 3.5.5-20150619-r13846): Terminated abnormally.
CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys
Maximum Resident Size: 33408 KB
Page faults with physical i/o: 0
Does /etc/squid3/chain.pem contain the private key of a CA whose public
key is trusted by the client already?
No the chain.pem, contains only the Root CA's and the certificate
More information about the squid-users
mailing list