Hi All,
I'm having a problems with a SSL Certificate on 2.5.STABLE1 I have previosly
had a test cert that has been working fine, we then generated a key and CSR
to get a real cert and I'm now having problems with it.
I generated the key and the csr with the following commands
openssl genrsa -des3 -out intranet.key 1024
openssl req -new -key intranet.key -out intranet.csr
Then installed the cert from verisign with the following line
https_port 203.153.231.203:443 cert=/etc/squid/intranet.crt
key=/etc/squid/intranet.key
This is the output from cache.log and messages respectively.
Any help would be appreciated.
Regards
Peter
2003/01/22 10:26:41| Starting Squid Cache version 2.5.STABLE1 for
i386-redhat-linux-gnu...
2003/01/22 10:26:41| Process ID 21482
2003/01/22 10:26:41| With 1024 file descriptors available
2003/01/22 10:26:41| DNS Socket created at 0.0.0.0, port 34101, FD 5
2003/01/22 10:26:41| Adding nameserver 203.153.231.197 from /etc/resolv.conf
2003/01/22 10:26:41| Adding nameserver 203.153.224.10 from /etc/resolv.conf
2003/01/22 10:26:41| Adding nameserver 203.153.224.20 from /etc/resolv.conf
2003/01/22 10:26:41| Unlinkd pipe opened on FD 10
2003/01/22 10:26:41| Swap maxSize 102400 KB, estimated 7876 objects
2003/01/22 10:26:41| Target number of buckets: 393
2003/01/22 10:26:41| Using 8192 Store buckets
2003/01/22 10:26:41| Max Mem size: 8192 KB
2003/01/22 10:26:41| Max Swap size: 102400 KB
2003/01/22 10:26:41| Rebuilding storage in /var/spool/squid (DIRTY)
2003/01/22 10:26:41| Using Least Load store dir selection
2003/01/22 10:26:41| Set Current Directory to /var/spool/squid
2003/01/22 10:26:41| Loaded Icons.
2003/01/22 10:26:46| Accepting HTTP connections at 203.153.231.203, port 80,
FD 12.
2003/01/22 10:26:46| Initialising SSL.
2003/01/22 10:26:46| Using certificate in /etc/squid/intranet.crt
FATAL: Failed to acquire SSL certificate: error:0D0A2007:asn1 encoding
routines:d2i_X509_CINF:expecting an asn1 sequence
Squid Cache (Version 2.5.STABLE1): Terminated abnormally.
CPU Usage: 0.070 seconds = 0.030 user + 0.040 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 539
Memory usage for squid via mallinfo():
total space in arena: 1838 KB
Ordinary blocks: 1817 KB 4 blks
Small blocks: 0 KB 0 blks
Holding blocks: 200 KB 1 blks
Free Small blocks: 0 KB
Free Ordinary blocks: 21 KB
Total in use: 2017 KB 110%
Total free: 21 KB 1%
Jan 22 09:18:28 www squid[21138]: Squid Parent: child process 21175 started
Jan 22 09:18:33 www (squid): Failed to acquire SSL certificate:
error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an asn1
sequence
Jan 22 09:18:33 www squid[21138]: Squid Parent: child process 21175 exited
due to signal 6
Jan 22 09:18:33 www squid[21138]: Exiting due to repeated, frequent failures
Jan 22 10:26:08 www squid[21466]: Squid Parent: child process 21468 started
Jan 22 10:26:13 www (squid): Failed to acquire SSL certificate:
error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an asn1
sequence
Jan 22 10:26:13 www squid[21466]: Squid Parent: child process 21468 exited
due to signal 6
Jan 22 10:26:16 www squid[21466]: Squid Parent: child process 21472 started
Jan 22 10:26:21 www (squid): Failed to acquire SSL certificate:
error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an asn1
sequence
Jan 22 10:26:21 www squid[21466]: Squid Parent: child process 21472 exited
due to signal 6
Jan 22 10:26:24 www squid[21466]: Squid Parent: child process 21475 started
Jan 22 10:26:30 www (squid): Failed to acquire SSL certificate:
error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an asn1
sequence
Jan 22 10:26:30 www squid[21466]: Squid Parent: child process 21475 exited
due to signal 6
Jan 22 10:26:33 www squid[21466]: Squid Parent: child process 21478 started
Jan 22 10:26:38 www (squid): Failed to acquire SSL certificate:
error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an asn1
sequence
Jan 22 10:26:38 www squid[21466]: Squid Parent: child process 21478 exited
due to signal 6
Jan 22 10:26:41 www squid[21466]: Squid Parent: child process 21482 started
Jan 22 10:26:46 www (squid): Failed to acquire SSL certificate:
error:0D0A2007:asn1 encoding routines:d2i_X509_CINF:expecting an asn1
sequence
Jan 22 10:26:46 www squid[21466]: Squid Parent: child process 21482 exited
due to signal 6
--------------------------------------------------------------
Peter Robinson Senior Consultant
Open Systems Support peterr@opensystems.net.au
97 Broadway, Nedlands WA 6009
Ph (08) 92848777 Fax (08) 93869833
Received on Tue Jan 21 2003 - 19:28:11 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:46 MST