[squid-users] (no subject)
Alex Rousskov
rousskov at measurement-factory.com
Tue Apr 19 20:48:30 UTC 2022
On 4/19/22 16:12, Zaheer Shaikh wrote:
> we are struggling to get it working with cert based authentication.
> Certs are in p12 format.
You may need to convert the port certificate and its key to PEM format:
https://stackoverflow.com/a/15144560
> http_port 3128
Client certificate authentication works over TLS. Your Squid must listen
on https_port and your clients must connect using TLS. For example:
https_port 3443 \
tls-cert=/this/port/server/cert/key/and/bundle.pem \
clientca=/CA/certificates/to/check/clients.pem
The tls-cert bundle should contain the private certificate key for the
Squid listening port, the public certificate for that port, and any
necessary intermediate CA certificates that signed that public certificate.
HTH,
Alex.
More information about the squid-users
mailing list