Re: [squid-users] strange behavior with systemd
Check SELinux permissions first. Best regards, Rafael > Op 13 nov. 2015 om 14:54 heeft Jakob Curdeshet > volgende geschreven: > > Hello all, > > I have a squid running as reverse proxy on a CentOS 7 box which uses systemd. > When installing the box everything was fine; I enabled the squid service and > it would start via systemd. > Now I have exchanged the certificate fot the HTTPS service. Then I did a > "systemctl start squid.service" and whoops, it failed. I then tried to start > squid manually which works perfectly, so the config file is ok. I looked at > the output of "journalctl -xn", which shows that squid claims it cannot find > the certificate I configured. I double-checked that there is only one squid > config file and that the same config file is used whether I start it per hand > or via systemd (which uses the config file defined in /etc/sysconfig/squid). > Then I thought maybe systemd does some tricky config file caching and > rebooted the box. No change, start via systemd says "FATAL: No valid signing > SSL certificate configured for https_port [::]:443" while starting by hand > gives "Using certificate in /etc/squid/...". I'm pretty sure this is rather > an issue with systemd than with squid, but before asking there I wanted to > check whether I have overlooked something on the squid side. Any ideas? > > > Hav a good weekend, > Jakob > > > > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] strange behavior with systemd
Am 13.11.2015 um 15:11 schrieb Rafael Akchurin: Check SELinux permissions first. Independently, I suddenly had the ugly feeling I forgot something SELinux was the culprit, the key file of the certificate did not have the correct SELINUX type. Thanks and cheers, Jakob ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] strange behavior with systemd
Hello all, I have a squid running as reverse proxy on a CentOS 7 box which uses systemd. When installing the box everything was fine; I enabled the squid service and it would start via systemd. Now I have exchanged the certificate fot the HTTPS service. Then I did a "systemctl start squid.service" and whoops, it failed. I then tried to start squid manually which works perfectly, so the config file is ok. I looked at the output of "journalctl -xn", which shows that squid claims it cannot find the certificate I configured. I double-checked that there is only one squid config file and that the same config file is used whether I start it per hand or via systemd (which uses the config file defined in /etc/sysconfig/squid). Then I thought maybe systemd does some tricky config file caching and rebooted the box. No change, start via systemd says "FATAL: No valid signing SSL certificate configured for https_port [::]:443" while starting by hand gives "Using certificate in /etc/squid/...". I'm pretty sure this is rather an issue with systemd than with squid, but before asking there I wanted to check whether I have overlooked something on the squid side. Any ideas? Hav a good weekend, Jakob ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users