You cannot use a password encrypted key with Squid...
well, it might work if you start Squid with the -N option, but using
unencrypted keys is the usual way of doing things on SSL servers, or
else someone must walk to the keyboard and enter the SSL key password
each time the server restarts...
When generating a simple self-signed certificate I usually use
openssl req -new -keyout server_key.pem -nodes -x509 -days 365 -out
server_cert.pem
-- Henrik Nordstrom Squid hacker APPANAH Ravi wrote: > > hello... > I have some trouble while running squid with ssl... > I successfully downloaded and installed the last 2.5 devel package. > I create my keys : > > openssl genrsa -des3 2048 > /etc/squid/server.key > openssl req -new -key /etc/squid/server.key -x509 -days 365 -out > /etc/squid/server.crt > > I have these errors while running squid in cache.log file : > > 2001/04/26 16:58:36| Starting Squid Cache version 2.5.DEVEL for > i686-pc-linux-gnu... > 2001/04/26 16:58:36| Process ID 7523 > 2001/04/26 16:58:36| With 1024 file descriptors available > 2001/04/26 16:58:36| Performing DNS Tests... > 2001/04/26 16:58:36| Successful DNS name lookup tests... > 2001/04/26 16:58:36| helperOpenServers: Starting 5 'dnsserver' processes > 2001/04/26 16:58:36| Unlinkd pipe opened on FD 14 > 2001/04/26 16:58:36| Swap maxSize 102400 KB, estimated 7876 objects > 2001/04/26 16:58:36| Target number of buckets: 393 > 2001/04/26 16:58:36| Using 8192 Store buckets > 2001/04/26 16:58:36| Max Mem size: 8192 KB > 2001/04/26 16:58:36| Max Swap size: 102400 KB > 2001/04/26 16:58:36| Rebuilding storage in /usr/local/squid/cache (DIRTY) > 2001/04/26 16:58:36| Using Least Load store dir selection > 2001/04/26 16:58:36| Set Current Directory to /usr/local/squid/cache > 2001/04/26 16:58:36| Loaded Icons. > 2001/04/26 16:58:36| Initialising SSL. > 2001/04/26 16:58:36| Using certificate in /etc/squid/server.crt > 2001/04/26 16:58:36| Using private key in /etc/squid/server.key > FATAL: Failed to acquire SSL private key: error:0906406D:PEM > routines:DEF_CALLBACK:problems getting password > > Squid Cache (Version 2.5.DEVEL): Terminated abnormally. > > What's the pb... > Thanks in advance for your help. > Regards, > Ravi APPANAH > > ---------------------------------------------------------------------------- > --------- > Ravi APPANAH Consultant Sécurité > CF6 groupe TELiNDUS > E-mail : ravi.appanah@telindus.fr > Phone : +33 1 41 91 39 00 41, rue des Trois Fontanot > Fax : +33 1 41 91 39 99 F-92024 NANTERRE CEDEX > Fax : +33 6 20 78 29 63 > ---------------------------------------------------------------------------- > -------- > For more informations about our products and services, please visit our > websites (http://www.cf6.fr/ and http://www.telindus.fr/) > ---------------------------------------------------------------------------- > ---------- > > --------------------------------------------------------------- > > Name: cache.log > Part 1.2 Type: unspecified type (application/octet-stream) > Encoding: quoted-printable > > Name: squid.conf > Part 1.3 Type: unspecified type (application/octet-stream) > Encoding: quoted-printableReceived on Thu Apr 26 2001 - 12:10:39 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:37 MST