On 13/02/11 21:12, John Gardner wrote:
> Hi everyone. I've got a query about running Squid as a Reverse Proxy that I hope someone can answer.
>
> Over the past year, I've been tasked with introducing serveral Squid servers into our organisation, most of them so far have been internal Caching proxies, but I'm now at the stage where I need to implement a Reverse Proxy (RP) in our DMZ.
>
> We're going to offload the SSL onto the RP using a Wildcard SSL Certificate and during testing I used the advice here: http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate. This was great to test everything and worked well. However, now I'm ready to put this into a Production environment and I have to deal with the fact that we are fundamentally a Windows house.
>
> They have already procured wildcard SSL certificates from Verisign, where the original CSR was generated on a Windows server sent off to the CA (Verisign) and then then the wildcard certificate returned to us. My question is quite simple, how do I import the wildcard certificate into openssl on the RP server? All the examples I've seen online assume that you're generating the CSR on the proxy server itself but I don't have that luxury unfortunately.
>
> I know this is more of an OpenSSL question rather than pure Squid question, I was just hoping that someone on the list has already done this and can give me some advice.
>
> Thanks in advance.
>
> John
It does not matter where the files are generated. As long as they are
stored on the Squid box for Squid to access.
For Squid you do not have to install anything into OpenSSL, which is
just a library.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.4Received on Sun Feb 13 2011 - 09:58:45 MST
This archive was generated by hypermail 2.2.0 : Sun Feb 13 2011 - 12:00:03 MST