[squid-users] user_cert in Squid 3.0 PRE3

From: <laurent.derrien@dont-contact.us>
Date: Wed, 27 Aug 2003 14:12:11 +1100

Hello,

I am using Squid 3.0 PRE3 as a reverse proxy to secure connections:
client <--- HTTPS ---> SQUID <--- HTTP ---> Web Server

I want to accept connections depending on client certificate validation.
The client certificate is signed by my own CA and CA certificate is
distributed as necessary.

The configuration is good without client certificate ACL.
But connections always fail when I activate the user_cert ACL. I guess I
don't use the right syntax.
The help in squid.conf is not detailed enough for me:
# acl aclname user_cert attribute values...
# # match against attributes in a user SSL certificate
# # attribute is one of DN/C/O/CN/L/ST
Could you help me with examples?

Here are the main lines of my squid.conf:

https_port 443 defaultsite=192.168.x.x protocol=http cert=rproxy.crt key=rproxy.key cafile=myca.crt sslflags=DELAYED_AUTH
cache_peer 192.168.x.x parent 80 0 originserver
acl Cert_OK user_cert CN="Laurent Derrien"
http_access allow Cert_OK
http_access deny all

Regards,
Laurent Derrien
Received on Tue Aug 26 2003 - 21:11:55 MDT
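
Added example, not part of the original message and not Squid's own code: a small Python model of the grammar quoted from squid.conf above ("acl aclname user_cert attribute values..."), showing how a line is read when the attribute is a separate token from its values. Whitespace tokenization, exact-string matching, the OpenSSL one-line subject format and the sample subject are assumptions of this model; the help text does not say how a value containing a space is written.

```python
"""Model of the documented user_cert ACL grammar (added example, not Squid code)."""

ATTRIBUTES = {"DN", "C", "O", "CN", "L", "ST"}  # list taken from the squid.conf help

# Constructed sample subject in OpenSSL one-line form (assumption, not from the post).
SAMPLE_SUBJECT = "/C=XX/O=ExampleOrg/CN=Laurent Derrien"
POSTED_LINE = 'acl Cert_OK user_cert CN="Laurent Derrien"'  # line from the message


def parse_user_cert_acl(line):
    """Split 'acl NAME user_cert ATTRIBUTE VALUE...' on whitespace (assumption)."""
    tokens = line.split()
    if len(tokens) < 5 or tokens[0] != "acl" or tokens[2] != "user_cert":
        raise ValueError("expected: acl aclname user_cert attribute values...")
    name, attribute, values = tokens[1], tokens[3], tokens[4:]
    if attribute not in ATTRIBUTES:
        raise ValueError("unknown attribute token %r" % attribute)
    return name, attribute, values


def parse_subject(subject):
    """Turn '/C=XX/O=Org/CN=Name' into {'C': ['XX'], 'O': ['Org'], 'CN': ['Name']}."""
    fields = {}
    for part in subject.strip("/").split("/"):
        key, _, value = part.partition("=")
        fields.setdefault(key, []).append(value)
    return fields


def acl_matches(line, subject):
    """True when the certificate subject satisfies the ACL line in this model."""
    _, attribute, values = parse_user_cert_acl(line)
    if attribute == "DN":  # DN compares the whole subject string
        return subject in values
    return any(v in values for v in parse_subject(subject).get(attribute, []))


if __name__ == "__main__":
    print(acl_matches("acl Org_OK user_cert O ExampleOrg", SAMPLE_SUBJECT))
    try:
        parse_user_cert_acl(POSTED_LINE)
    except ValueError as err:
        # The token after user_cert is 'CN="Laurent', not a bare attribute name.
        print("posted line:", err)
```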
