On 10/06/2014 5:09 p.m., vin_krish wrote:
> Hi Eliezer,
>
> Sorry for late reply as I was busy with some other issues. But I
> tested long back but was not able to reply you.
> I tested with your bash script but it throws error all time as:
>
> 2014/06/10 10:33:13| Accepting HTTP Socket connections at local=[::]:3128
> remote=[::] FD 19 flags=9
> 2014/06/10 10:33:13| Accepting NAT intercepted SSL bumped HTTPS Socket
> connections at local=[::]:3129 remote=[::] FD 20 flags=41
> 2014/06/10 10:33:13| WARNING: ssl_crtd #Hlpr0 exited
This is the problem. Why did that happen?
Usually we find this is from incorrect access permissons to the
/etc/squid3/ssl_cert/ssl_db or corrupted file(s) there.
> 2014/06/10 10:33:13| Too few ssl_crtd processes are running (need 1/10)
> 2014/06/10 10:33:13| Closing HTTP port [::]:3128
> 2014/06/10 10:33:13| Closing HTTPS port [::]:3129
> 2014/06/10 10:33:13| storeDirWriteCleanLogs: Starting...
> 2014/06/10 10:33:13| Finished. Wrote 0 entries.
> 2014/06/10 10:33:13| Took 0.00 seconds ( 0.00 entries/sec).
> FATAL: The ssl_crtd helpers are crashing too rapidly, need help!
>
>
> and my configuration is:
>
> http_port 3128
> https_port 3129 intercept ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=16MB cert=/etc/squid3/ssl_cert/myCA.pem
> sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s
> /etc/squid3/ssl_cert/ssl_db -M 16MB
> sslcrtd_children 10
>
> I have gone through forum and search also, as they specify about the change
> of permission and ownership to my user 'squid' to the ssl directory, but it
> didn't work.
Did you run the ssl_crtd tool as that user when you created it?
Amos
Received on Tue Jun 10 2014 - 06:55:03 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 10 2014 - 12:00:04 MDT