[squid-users] [ext] Squid quits while starting?!
Ralf Hildebrandt
Ralf.Hildebrandt at charite.de
Fri Sep 29 06:38:39 UTC 2023
* Bud Miljkovic <bud_miljkovic at trimble.com>:
> # Intercept transparent HTTPS traffic
> https_port 3129 intercept ssl-bump cert=/etc/squid/ssl_cert/myCA.pem
> generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
> ssl_bump splice all
> sslcrtd_program /usr/libexec/ssl_crtd -s /var/lib/ssl_db -M 4MB
^ I think the portion above is relevant for this error
> 2023/09/29 15:02:52| helperOpenServers: Starting 5/32 'ssl_crtd' processes
...
> 2023/09/29 15:02:52| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::]:3129 remote=[::] FD 29 flags=41
> 2023/09/29 15:02:52| WARNING: ssl_crtd #Hlpr1 exited
> 2023/09/29 15:02:52| Too few ssl_crtd processes are running (need 1/32)
> 2023/09/29 15:02:52| Closing HTTP port [::]:3128
> 2023/09/29 15:02:52| Closing HTTPS port [::]:3129
> FATAL: The ssl_crtd helpers are crashing too rapidly, need help!
I assume the "sslcrtd_program" (set to "/usr/libexec/ssl_crtd -s /var/lib/ssl_db -M 4MB")
is indeed not starting up (or crashing immediately after).
* What does "dmesg" report?
* What happens if you invoke "/usr/libexec/ssl_crtd -s /var/lib/ssl_db -M 4MB"
by hand (as the squid user, I guess)
Also read
https://squid-users.squid-cache.narkive.com/w0JgcN24/need-assistance-debugging-squid-error-ssl-ctrd-helpers-crashing-too-quickly
which seems to imply that you need to initialize the DB first:
/usr/libexec/ssl_crtd -c -s /var/lib/ssl_db
--
Ralf Hildebrandt
Charité - Universitätsmedizin Berlin
Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration
Invalidenstraße 120/121 | D-10115 Berlin
Tel. +49 30 450 570 155
ralf.hildebrandt at charite.de
https://www.charite.de
More information about the squid-users
mailing list