Re: [squid-users] problems with ssl_crtd

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 21 Sep 2012 19:20:36 +1200

Firstly, is this problem still occuring with a recent snapshot? we have
done a lot of stabilization on squid-3 in the months working up towards
3.2.1 release and the SSL code has had two new features added to improve
the bumping process and behaviours.

Secondly, the issue as you found is not in Squid but in the helper. You
should be able to add -d option to the helper command line to get a
debug trace out of it into cache.log. Set Squid to a normal (0 or 1)
level to avoid any squid debug confusing the helper traces.

In 3.2 helpers crashing is not usually a fatal event, you will simply
see an annoying amount of that:
"

2012/09/20 14:58:23| WARNING: ssl_crtd #2 exited
2012/09/20 14:58:23| Too few ssl_crtd processes are running (need 1/5)
2012/09/20 14:58:23| Starting new helpers
"

In this case there is something in the cert database or system
environment which is triggering the crash and persisting across into
newly started helpers, crashing them as well. This is the one case where
Squid is still killed by helpers dying faster than they can be sent
lookups, thus the

"FATAL: The ssl_crtd helpers are crashing too rapidly, need help!"

HTH
Amos
Received on Fri Sep 21 2012 - 07:20:52 MDT

This archive was generated by hypermail 2.2.0 : Fri Sep 21 2012 - 12:00:04 MDT