Re: [squid-users] Squid 3 as reverse-proxy with SSL [solved]
hi guys, the problem is solved! it was a https_port ... in another configfile without the cert/key param! so.. if you use https_port and dont set a cert param all other certs dont work... thx 4 help :) Henrik Nordstrom schrieb: On tis, 2008-06-10 at 22:14 +0200, Maik Fuss wrote: the cert's are from a ISP who says that's a modssl (apache) cert, so... is the reason for this the wrong cert-type? What do the first line of the cert look like? Do the user Squid is running as have permission to read the cert? Which Squid version? Regards Henrik
[squid-users] Squid 3 as reverse-proxy with SSL
Hi List, I want to use Squid as a reverse proxy with ssl support, so i setup a config like this: snip https_port 192.168.9.109:443 cert=/etc/squid/ssl/domain.tld.crt key=/etc/squid/ssl/domain.tld.key vhost http_port 192.168.9.109:80 vhost cache_peer 192.168.222.109 parent 80 0 proxy-only no-query originserver no-digest front-end-https=on sslcert=/domain.tld.crt sslkey=/etc/squid/ssl/domain.tld.key name=109_http acl testdomain dstdomain naturmed.online.biering.de acl testdomain_ADR dst 192.168.222.109 acl testdomain_PORT port 80 443 cache_peer_access 109_http allow testdomain http_access allow testdomain_ADR testdomain_PORT /snap but.. if i restart squid i become this msg: snip Failed to acquire SSL certificate '/etc/squid/ssl/domain.tld.crt': error:20074002:BIO routines:FILE_CTRL:system lib snap the cert's are from a ISP who says that's a modssl (apache) cert, so... is the reason for this the wrong cert-type? the system is Gentoo