[squid-users] Squid Error on SSL Bump Certificates

From: iishiii <eshnaz_at_gmail.com>
Date: Wed, 4 Dec 2013 07:54:46 -0800 (PST)

after again building Squid 3.4.0.3
now am getting this error

2013/12/04 20:48:00| Set Current Directory to /var/cache/squid
2013/12/04 20:48:00| Starting Squid Cache version 3.4.0.3 for
x86_64-unknown-linux-gnu...
2013/12/04 20:48:00| Process ID 2145
2013/12/04 20:48:00| Process Roles: master worker
2013/12/04 20:48:00| With 4096 file descriptors available
2013/12/04 20:48:00| Initializing IP Cache...
2013/12/04 20:48:00| DNS Socket created at [::], FD 5
2013/12/04 20:48:00| DNS Socket created at 0.0.0.0, FD 6
2013/12/04 20:48:00| Adding nameserver 8.8.8.8 from /etc/resolv.conf
2013/12/04 20:48:00| helperOpenServers: Starting 5/50 'ssl_crtd' processes
2013/12/04 20:48:00| Logfile: opening log daemon:/var/log/squid/access.log
2013/12/04 20:48:00| Logfile Daemon: opening log /var/log/squid/access.log
2013/12/04 20:48:00| Local cache digest enabled; rebuild/rewrite every
3600/3600 sec
2013/12/04 20:48:00| Store logging disabled
2013/12/04 20:48:00| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2013/12/04 20:48:00| Target number of buckets: 1008
2013/12/04 20:48:00| Using 8192 Store buckets
2013/12/04 20:48:00| Max Mem size: 262144 KB
2013/12/04 20:48:00| Max Swap size: 0 KB
2013/12/04 20:48:00| Using Least Load store dir selection
2013/12/04 20:48:00| Set Current Directory to /var/cache/squid
2013/12/04 20:48:00| Finished loading MIME types and icons.
2013/12/04 20:48:00| Squid plugin modules loaded: 0
2013/12/04 20:48:00| Adaptation support is off.
2013/12/04 20:48:00| Accepting HTTP Socket connections at local=[::]:3129
remote=[::] FD 19 flags=9
2013/12/04 20:48:00| Accepting NAT intercepted HTTP Socket connections at
local=[::]:3128 remote=[::] FD 20 flags=41
2013/12/04 20:48:00| Accepting NAT intercepted SSL bumped HTTPS Socket
connections at local=[::]:3127 remote=[::] FD 21 flags=41
2013/12/04 20:48:01| storeLateRelease: released 0 objects
2013/12/04 20:48:54| fwdNegotiateSSL: Error negotiating SSL connection on FD
33: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed (1/-1/0)
2013/12/04 20:48:59| fwdNegotiateSSL: Error negotiating SSL connection on FD
10: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed (1/-1/0)
2013/12/04 20:49:01| fwdNegotiateSSL: Error negotiating SSL connection on FD
10: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed (1/-1/0)
2013/12/04 20:49:57| fwdNegotiateSSL: Error negotiating SSL connection on FD
66: error:00000000:lib(0):func(0):reason(0) (5/0/0)

still can open facebook or https sites correctly ... pages are broken and a
lot of security alerts...any idea ???

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Error-on-SSL-Bump-Certificates-tp4663669.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Wed Dec 04 2013 - 15:55:37 MST

This archive was generated by hypermail 2.2.0 : Thu Dec 05 2013 - 12:00:04 MST