Re: [squid-users] SSL Reverse Proxying

Hi

I have the https server up and running.

The /usr/local/etc/apache has the following ssl files in it - which ones do
need map squid to?

drwxr-xr-x 2 root wheel 512 Oct 13 16:50 ssl.crl
drwxr-xr-x 2 root wheel 512 Nov 7 21:26 ssl.crt
drwxr-xr-x 2 root wheel 512 Oct 13 16:50 ssl.csr
drwx------ 2 root wheel 512 Oct 13 16:50 ssl.key
drwxr-xr-x 2 root wheel 512 Oct 13 16:50 ssl.prm

I have tried https_port 192.168.0.1:443 cert='....' keys='....' etc but
squid just keeps on core dumping when fired up.

Many thanks

Gordon

----- Original Message -----
From: "Henrik Nordstrom" <hno@squid-cache.org>
To: <squid@gdmckee.com>
Cc: <squid-users@squid-cache.org>
Sent: Wednesday, March 19, 2003 5:44 PM
Subject: Re: [squid-users] SSL Reverse Proxying

> See the guides for Apache mod_ssl or any other OpenSSL based server.
>
> Note: If you have a certificate then you MUST use the key the
> certificate is generated for. A certificate is only valid when paired
> with the correct private key from which the certificate request was
> generated.
>
> Squid wants the certificate and key in unencrypted PEM format (encrypted
> format is also OK, but then Squid must be started with the -N option to
> allow entering the key encryption password).
>
> Regards
> Henrik
>
>
> ons 2003-03-19 klockan 16.38 skrev squid@gdmckee.com:
> > Hi
> >
> > I have got the regular reverse proxy working but can't get a certificate
> > working for the ssl part of it. Does anyone have an openssl command
that will
> > generate me a key to point squid to.
> >
> > Thanks in advance
> >
> > Gordon
> >
> >
> >
> > -------------------------------------------------
> > This mail sent through IMP: http://horde.org/imp/
> --
> Henrik Nordstrom <hno@squid-cache.org>
> MARA Systems AB, Sweden
>
>
Received on Wed Mar 19 2003 - 10:57:32 MST