Hey Amos,
I was thinking about something in the past and I will try my best to
understand what can be done.
Basically from what I understand even a read is not possible due to
SELINUX by squid.
So by that: A simple file "open" for read test on the certificates or
even any other settings related files basic test can help to identify
issues.
What do you think about a basic "read"(and maybe a stat on the file for
debug) test for all the main files?
Compared to squid load this would be a piece of cake.
Specifically for the certificate is one thing since OpenSSL dosn't
provide too much.
A pointer to find where the certificate read happens will be helpful.
On 07/02/2014 12:06 PM, Amos Jeffries wrote:
>
> Unfortunately the details on errors available from OpenSSL are not
> always very informative. If you could look into this Eliezer a patch
> would be welcome, even if it just added some debugs lines suggesting
> things to look at.
I will try to find the debug lines about permission denied and reading
errors.
Eliezer
>
> Amos
Received on Wed Jul 02 2014 - 18:19:04 MDT
This archive was generated by hypermail 2.2.0 : Thu Jul 03 2014 - 12:00:05 MDT