[squid-users] SSL Bump with valid CA

afranoux afranoux at orange.fr
Thu Jun 16 09:54:37 UTC 2016


Hello,

 

I'm student in computer lab and i finish a squid 3.5.19  with SSL-bump with
self signed certificat in intercept mode (work well).

Now i need to try to configurate squid with a non self-signed certificate

 

My gait:

 

openssl genrsa 2048 > redrocks.key

openssl req -new -key redrocks.key > redrocks.csr

 

after a visit to StartSSL in "Client S/MIME and Authentication Certificate"
i receive crt

 

openssl pkcs12 -export -in redrocks.crt -inkey redrocks.key -out
redrocks.p12

openssl pkcs12 -in redrocks.p12 -nodes -out redrocks.pem

 

 

squid.conf:

 

http_port 3128 intercept

https_port 3129 intercept ssl-bump \

                generate-host-certificates=on \

                dynamic_cert_mem_cache_size=4MB \

                cert=/etc/squid/ssl_cert/redrocks.pem \

                key=/etc/squid/ssl_cert/redrocks.pem

 

To read you, 

 

Cordially

 

Arnaud

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160616/16eec5d8/attachment.html>


More information about the squid-users mailing list