[squid-users] sslpassword_program
Michael Pelletier
michael.pelletier at palmbeachschools.org
Sun Dec 18 20:21:07 UTC 2016
Check your file permissions on the key.
On Dec 18, 2016 2:13 PM, <creditu at eml.cc> wrote:
> I'm having trouble getting the sslpassword_program working for an
> encrypted key. Config looks like this:
>
> sslpassword_program /usr/local/bin/pass.sh
> https_port 10.10.10.1:443 accel vhost cert=/etc/squid/www.crt
> key=/etc/squid/private.key
>
> On start, cache log states "Ignoring https_port 10.10.10.1:443 due to
> SSL initialization failure."
> On stop, console states "Failed to acquire SSL private key
> '/etc/squid/private.key': error:0200100D:system library:fopen:Permission
> denied"
>
> Removing the passphrase from the private key, squid starts normally.
> Permissions on the encrypted and non-encrypted keys are the same. I
> also tried putting the pass.sh program in /bin. The pass.sh program
> looks like this:
> #!/bin/sh
> echo "testing"
>
> The hash of the private key modulus and the certificate modulus match as
> well.
>
> Am I missing something? This is on squid 3.1.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
--
*Disclaimer: *Under Florida law, e-mail addresses are public records. If
you do not want your e-mail address released in response to a public
records request, do not send electronic mail to this entity. Instead,
contact this office by phone or in writing.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161218/9477f361/attachment.html>
More information about the squid-users
mailing list