Re: [squid-users] strange behavior with systemd

[Rafael Akchurin]

Check SELinux permissions first.

Best regards,
Rafael

> Op 13 nov. 2015 om 14:54 heeft Jakob Curdes  het 
> volgende geschreven:
> 
> Hello all,
> 
> I have a squid running as reverse proxy on a CentOS 7 box which uses systemd. 
> When installing the box everything was fine; I enabled the squid service and 
> it would start via systemd.
> Now I have exchanged the certificate fot the HTTPS service. Then I did a 
> "systemctl start  squid.service" and whoops, it failed. I then tried to start 
> squid manually which works perfectly, so the config file is ok. I looked at 
> the output of  "journalctl -xn", which shows that squid claims it cannot find 
> the certificate I configured. I double-checked that there is only one squid 
> config file and that the same config file is used whether I start it per hand 
> or via systemd (which uses the config file defined in /etc/sysconfig/squid). 
> Then I thought maybe systemd does some tricky config file caching and 
> rebooted the box. No change, start via systemd says "FATAL: No valid signing 
> SSL certificate configured for https_port [::]:443" while starting by hand 
> gives  "Using certificate in /etc/squid/...".  I'm pretty sure this is rather 
> an issue with systemd than with squid, but before asking there I wanted to 
> check whether I have overlooked something on the squid side. Any ideas?
> 
> 
> Hav a good weekend,
> Jakob
> 
> 
> 
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] strange behavior with systemd

[Jakob Curdes]

Am 13.11.2015 um 15:11 schrieb Rafael Akchurin:

Check SELinux permissions first.
Independently, I suddenly had the ugly feeling I forgot something 
SELinux was the culprit, the key file of the certificate did not have 
the correct SELINUX type.


Thanks and cheers, Jakob

___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] strange behavior with systemd

[Jakob Curdes]

Hello all,

I have a squid running as reverse proxy on a CentOS 7 box which uses 
systemd. When installing the box everything was fine; I enabled the 
squid service and it would start via systemd.
Now I have exchanged the certificate fot the HTTPS service. Then I did a 
"systemctl start  squid.service" and whoops, it failed. I then tried to 
start squid manually which works perfectly, so the config file is ok. I 
looked at the output of  "journalctl -xn", which shows that squid claims 
it cannot find the certificate I configured. I double-checked that there 
is only one squid config file and that the same config file is used 
whether I start it per hand or via systemd (which uses the config file 
defined in /etc/sysconfig/squid). Then I thought maybe systemd does some 
tricky config file caching and rebooted the box. No change, start via 
systemd says "FATAL: No valid signing SSL certificate configured for 
https_port [::]:443" while starting by hand gives  "Using certificate in 
/etc/squid/...".  I'm pretty sure this is rather an issue with systemd 
than with squid, but before asking there I wanted to check whether I 
have overlooked something on the squid side. Any ideas?



Hav a good weekend,
Jakob



___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users