[squid-users] Random SSL bump DB corruption

Yuri Voinov yvoinov at gmail.com
Wed Mar 18 08:53:29 UTC 2015 

As I can research,

this problem produces one of Apple service under HTTPS.

When client query something like iTunes, squid gets strange certificate 
which is corrupts DB.

I found no solution at this time. Just stop squid and cleanup SSL db.

WBR, Yuri

18.03.15 11:21, Dan Charlesworth пишет:
> Bumpity bump
>
> Had this go down exactly the same way this past Monday at Deployment #1.
>
>> On 10 Mar 2015, at 4:51 pm, Dan Charlesworth <dan at getbusi.com 
>> <mailto:dan at getbusi.com>> wrote:
>>
>> Hey folks
>>
>> After having many of our systems running Squid 3.4.12 for a couple of 
>> weeks now we had two different deployments fail today due to SSL DB 
>> corruption.
>>
>> Never seen this in almost 9 months of SSL bump being in production 
>> and there were no problems in either cache log until the “wrong 
>> number of fields” lines, apparently.
>>
>> Anyone else?
>>
>> Deployment #1 log excerpt:
>> wrong number of fields on line 505 (looking for field 6, got 1, '' left)
>> (squid_ssl_crtd): The SSL certificate database 
>> /usr/local/mwf/mwf13/squid/ssl_db is corrupted. Please rebuild
>> 2015/03/10 09:04:24 kid1| WARNING: ssl_crtd #Hlpr0 exited
>> 2015/03/10 09:04:24 kid1| Too few ssl_crtd processes are running 
>> (need 1/32)
>> 2015/03/10 09:04:24 kid1| Starting new helpers
>> 2015/03/10 09:04:24 kid1| helperOpenServers: Starting 1/32 
>> 'squid_ssl_crtd' processes
>> 2015/03/10 09:04:24 kid1| "ssl_crtd" helper returned <NULL> reply.
>> wrong number of fields on line 505 (looking for field 6, got 1, '' left)
>> (squid_ssl_crtd): The SSL certificate database 
>> /usr/local/mwf/mwf13/squid/ssl_db is corrupted. Please rebuild
>>
>> Deployment #2 log excerpt:
>> wrong number of fields on line 2 (looking for field 6, got 1, '' left)
>> (squid_ssl_crtd): The SSL certificate database 
>> /usr/local/mwf/mwf13/squid/ssl_db is corrupted. Please rebuild
>> 2015/03/10 15:29:16 kid1| WARNING: ssl_crtd #Hlpr0 exited
>> 2015/03/10 15:29:16 kid1| Too few ssl_crtd processes are running 
>> (need 1/32)
>> 2015/03/10 15:29:16 kid1| Starting new helpers
>> 2015/03/10 15:29:16 kid1| helperOpenServers: Starting 1/32 
>> 'squid_ssl_crtd' processes
>> 2015/03/10 15:29:17 kid1| "ssl_crtd" helper returned <NULL> reply.
>> wrong number of fields on line 2 (looking for field 6, got 1, '' left)
>> (squid_ssl_crtd): The SSL certificate database 
>> /usr/local/mwf/mwf13/squid/ssl_db is corrupted. Please rebuild
>>
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150318/67d321f3/attachment.html>

More information about the squid-users mailing list