[squid-users] Reverse Proxy config chain SSL Cert files

From: Calvin Park <carrot_at_carrotis.com>
Date: Tue, 23 Jun 2009 09:40:54 +0900

Hello Squid users.

I am using on squid 3.0 Stable15.
I try to make SSL reverse proxy.
My config file is below.

https_port 443  cert=domain.crt key=domain.key
clientca=UTNAddTrustServerCA.crt defaultsite=www.test.com vhost
cache_peer 1.1.1.1 parent 443 0 no-query originserver sslflags=DONT_VERIFY_PEER

And start squid

/etc/init.d/squid start
* Starting Squid HTTP proxy squid
* Creating squid cache structure
Enter PEM pass phrase:

and enter my pass. It's Ok.

root_at_virt:/var/log/squid# lsof -i TCP:443
COMMAND   PID  USER   FD   TYPE  DEVICE SIZE NODE NAME
squid   24010 proxy   15u  IPv4 1311653       TCP *:https (LISTEN)

and 443 port opened.

But I can't connect SSL site ( https://www.test.com. )

How can I do ?. I don't know how to setup squid about chain SSL.

I found below log. (cache.log)
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
Received on Tue Jun 23 2009 - 00:40:57 MDT

This archive was generated by hypermail 2.2.0 : Tue Jun 23 2009 - 12:00:03 MDT