On Wed, 14 Sep 2005, Sam Lin wrote:
>
> Hello,
> in the cache.log i don't see any error message.
> and i find a post with the same problem
> http://openacs.org/forums/message-view?message_id=109568
> please read No.26
> i'm trying to put my CAcert into /usr/src/crypto/openssl/apps/cert.pem
> and restart my squid
> https still have the same alert message
Squid-2.5 does not support certificate chains.
Certificate chains is supported by Squid-3 or the SSL update patch to
Squid-2.5 available from devel.squid-cache.org. You then enable the use of
chained certificates by appending the CA certificate to your server
certificate, both in the same file with the server certificate first and
followed by the CA certificate chain.
You should NOT use any ca related https_port options. The ca related
options to https_port is for client certificate support when using SSL
certificate based authentication, not for specifying server certificate
chains.
Regards
Henrik
Received on Wed Sep 14 2005 - 08:05:46 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT