RE: [squid-users] Using trusted fake CA cert for ssl-bump on http_port

2013-12-10 Thread Shinoj Gangadharan
Does the certificate match the key? Is there a passphrase for the key? If yes, please remove the passphrase. Are you able to get it working with generate-host-certificates=off? Regards, Shinoj.
-Original Message- From: Sridhar N [mailto:sridhar.narasim...@live.com] Sent: Monday,

RE: [squid-users] Using trusted fake CA cert for ssl-bump on http_port

2013-12-08 Thread Shinoj Gangadharan
Hi Sridhar, I don’t see the following in your config file:
    sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
    sslcrtd_children 50
    always_direct allow all
/var/lib/ssl_db should be owned by squid. This is where the generated certificates will be stored. This folder is created

RE: [squid-users] Re: anyOne who has working ssl_bump configuration for facebook ???

2013-11-25 Thread Shinoj Gangadharan
Hi, Please send me:
1. sslcrtd_program line from squid.conf
2. Output of ls /cache/lib/ssl_db
Regards, Shinoj.
-Original Message- From: iishiii [mailto:esh...@gmail.com] Sent: Monday, November 25, 2013 2:41 PM To: squid-users@squid-cache.org Subject: [squid-users] Re: anyOne

RE: [squid-users] Re: anyOne who has working ssl_bump configuration for facebook ???

2013-11-24 Thread Shinoj Gangadharan
Hi iishiii, In the conf you sent, you have this line:
    sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/var/lib/ssl_db -M 4MB
    sslcrtd_children 5
but the error below indicates:
    *(ssl_crtd): Cannot create /cache/lib/ssl_db
What is the correct ssl_db location? Run the

RE: [squid-users] intercepting SSL connections with client certificate

2013-11-20 Thread Shinoj Gangadharan
-Original Message- From: Amos Jeffries [mailto:squ...@treenet.co.nz] Sent: Wednesday, November 20, 2013 1:59 PM To: squid-users@squid-cache.org Subject: Re: [squid-users] intercepting SSL connections with client certificate On 20/11/2013 8:02 p.m., Shinoj Gangadharan wrote: 1

RE: [squid-users] intercepting SSL connections with client certificate

2013-11-19 Thread Shinoj Gangadharan
To: squid-users@squid-cache.org Subject: Re: [squid-users] intercepting SSL connections with client certificate On 19/11/2013 12:42 a.m., Shinoj Gangadharan wrote: Hi, I am able to intercept normal SSL connections using ssl_bump. How can I pass on the client certificate to the server? I tried using

RE: [squid-users] intercepting SSL connections with client certificate

2013-11-19 Thread Shinoj Gangadharan
to encrypted information from inside this place will be so restricted that only system and engineering staff will be allowed to access some places. Best Regards, Eliezer On 19/11/13 15:39, Shinoj Gangadharan wrote: I guess I am stuck:) Thanks and Regards, Shinoj.

RE: [squid-users] intercepting SSL connections with client certificate

2013-11-19 Thread Shinoj Gangadharan
1. sslbump is not passing on the client cert - I think this will be fixed with SSLPeekandSplice feature (http://wiki.squid-cache.org/Features/SslPeekAndSplice) I do not think this can be fixed. IIRC, Squid cannot forward the client certificate to the server on a bumped connection: During

[squid-users] intercepting SSL connections with client certificate

2013-11-18 Thread Shinoj Gangadharan
Hi, I am able to intercept normal SSL connections using ssl_bump. How can I pass on the client certificate to the server? I tried using cache_peer but could not get it to work. Here is the conf:
    acl myacl dstdomain myssldomain.com
    cache_peer ssl.myssldomain.com parent 443 0 no-query proxy-only