security_file_certgen
Because the standard generation of SSL certificates for sslBump feature, Squid must use external process to actually make these calls. This process generate new ssl certificates and worked with ssl certificates disk cache. Typically there will be five certificate generator processes spawned from Squid. Communication occurs via TCP sockets bound to the loopback interface. The class in helper.h are primally concerned with starting and stopping the helpers. Reading and writing to and from the helpers occurs in the IP and the dnsservers occurs in the IP and FQDN cache modules.

Command Line Interface

usage: security_file_certgen -hv -s ssl_storage_path -M storage_max_size
    -h                   Help
    -v                   Version
    -s ssl_storage_path  Path to specific disk storage of ssl server
                         certificates.
    -M storage_max_size  max size of ssl certificates storage.
    -b fs_block_size     File system block size in bytes. Need for processing
                         natural size of certificate on disk. Default value is
                         2048 bytes."

    After running write requests in the next format:
    <request code><whitespace><body_len><whitespace><body>
    There are two kind of request now:
    new_certificate 14 host=host.dom
        Create new private key and selfsigned certificate for "host.dom".

    new_certificate xxx host=host.dom
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----
    -----BEGIN RSA PRIVATE KEY-----
    ...
    -----END RSA PRIVATE KEY-----
        Create new private key and certificate request for "host.dom".
        Sign new request by received certificate and private key.

usage: security_file_certgen -c -s ssl_store_path\n
    -c                   Init ssl db directories and exit.

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors