Right. that works now.
thanks.
- George
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
On 12/12/19 11:38 am, GeorgeShen wrote:
>
> did a 'openssl dhparam -out dhparams.pem 4096' to generate the dhparams.pem
> file, and added those into the squid.conf:
>
> http_port 3129 ssl-bump cert=/usr/local/squid/etc/ssl_cert/myCA.pem
> generate-host-certificates=on dynamic_cert_mem_cache_size=
did a 'openssl dhparam -out dhparams.pem 4096' to generate the dhparams.pem
file, and added those into the squid.conf:
http_port 3129 ssl-bump cert=/usr/local/squid/etc/ssl_cert/myCA.pem
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
*options=SINGLE_DH_USE:SINGLE_ECDH_USE
tls-dh=/u
On 11/12/19 4:00 pm, GeorgeShen wrote:
> I'm running the squid latest from download site. 4.9
> Ok, i suspect that was related to my ^C running the process in foreground,
> but I also see before that there are warning messages in the log:
> 2019/12/09 19:23:12.116 kid1| WARNING:
> /usr/local/squid/
I'm running the squid latest from download site. 4.9
Ok, i suspect that was related to my ^C running the process in foreground,
but I also see before that there are warning messages in the log:
2019/12/09 19:23:12.116 kid1| WARNING:
/usr/local/squid/libexec/security_file_certgen -s
/usr/local/squid
On 12/9/19 12:56 PM, GeorgeShen wrote:
> and at the end, it is also saying security_file_certgen crashes rapidly!!!
I would ignore anything that happens _after_ you press ^C (i.e. send
Squid a shutdown signal). While a shutdown should not "crash" any
helpers, that is not the problem you are curre
On 10/12/19 6:46 pm, GeorgeShen wrote:
>
> I'm wondering if this issue reported last year is fixed:
> http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-4-4-security-file-certgen-helpers-crashing-td4687098.html
>
That question implies that you are not using the latest Squid release,
or you
I'm wondering if this issue reported last year is fixed:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-4-4-security-file-certgen-helpers-crashing-td4687098.html
or is there a work around.
thanks.
- George
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users
Hi Alex,
this time I tried, a little different, this is the log from got the server
certs to colose the
SSL with error, and at the end, it is also saying security_file_certgen
crashes rapidly!!!
below the output of log
thanks.
- George
geyBC5spVGniTZ9g4/4EALHmrmP0d4vcbw0FJugljU7jWmdiUQEpoZZCov
On 12/8/19 1:53 AM, George Sheng wrote:
> From the debug I can also see the proxy connects towards the remote
> server, and proxy has negotiated fine with the server. the proxy
> receives 3 certificates from the server,
> and verification was fine to the server. But when the proxy trying to
> pro
On 9/12/19 10:41 am, GeorgeShen wrote:
> Hi Amos,
>
> i downloaded the 4.9 latest, and compiled with "./configure
> --with-default-user=proxy --with-openssl --enable-ssl-crtd", not redo the
> openssl and proxy certificate part, start squid with 4.9, still seeing
> failure. Have not debugged in det
the version 4.9 has the same behavior, can not finish negotiate with the
client.
I have setup two different client machines, one is macOS, the other alpine
linux.
I finally got the macOS wget https to work through the squid 4.9 proxy with
ssl-bump.
So the squid config is ok.
The alpine linux, us
Hi Amos,
i downloaded the 4.9 latest, and compiled with "./configure
--with-default-user=proxy --with-openssl --enable-ssl-crtd", not redo the
openssl and proxy certificate part, start squid with 4.9, still seeing
failure. Have not debugged in detail.
Quick question, when compile for the bump usa
Hi Amos,
thanks for the comments. I'll first try the later version as you pointed out
4.9 and see if I get the issues. Will report back.
thanks.
- George
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
___
On 8/12/19 7:53 pm, George Sheng wrote:
>
> Hi,
>
> I’m new to this group. I just setup a squid ver 4.5 on my ubuntu
When using SSL-Bump one does need to use the latest release. Which is
4.9 now.
Since this is a custom build (4.5 has never been a release in Ubuntu)
you may find Squid-5 has even
Hi,
I’m new to this group. I just setup a squid ver 4.5 on my ubuntu machine. I
configured this proxy to receive
https packets from another device on the same LAN, and modified the iptables to
redirect the port 443 packets
to the squid proxy port 3130.
I can see the client https packet has bee
16 matches
Mail list logo
