[squid-users] Squid ignores crlfile options
Amos Jeffries
squid3 at treenet.co.nz
Sat Oct 3 05:09:29 UTC 2015
On 3/10/2015 12:11 a.m., Sebastian Kirschner wrote:
> Thanks Amos for the reply ,
>
> I will trim the config with your recommendations but a few questions exists on my side.
>
> " If you mean it to be used to verify the *server* certificates then you need to configure sslproxy_crlfile instead."
>
> I guess that was what im looking for :-) ,
> but I couldn’t find something about that configuration directives on the squid doc configuration site and my squid ignores the options
> because its unrecognized.
>
Sorry. I keep forgetting that one is not supported in Squid-3.
You will need Squid-4 with:
tls_outgoing_options crlfile=/...
> "> request_body_max_size 0 KB
>
> Seriously? POST and PUT are forbidden to send data anywhere?"
>
> Should the value be ignored because it’s a zero ?
> Here the part of the Squid configuration document
> "If you set this parameter to a zero (the default), there will be no limit imposed."
Maybe yes, maybe no. Sometimes our documentation is out of data and we
are moving to a model where "none" (the word) means no limits.
If you want the default, remove it from the config file. That goes for
almost all directives in Squid-3.
>
> " build-info requires a string. Whoever provided this package needs to fix that."
> I was the builder :-) , could you give me a hint about that ?
It is a string for branding, or adding a custom sentence to squid -v
output. Major distros use it to label their builds clearly in a way
separated from the release version. Some of my clients use it to label
what their custom patching was applied to the build.
If you dont set it to a string like --enable-build-info="something" it
is not useful and can be removed entirely.
Amos
More information about the squid-users
mailing list