Henrik and Brian,

As recommended, I created certificates and keys for my
Squid server using openssl.

Created certificate:
>openssl genrsa -des3 -out webcache2.key 1024

Created CSR:
>openssl req -new -key webcache2.key -out webcache2.csr

Then Signed it:
>openssl x509 -req -days 3650 -in webcache2.csr -signkey webcache2.key -out webcache2.crt


Modified my squid.conf file by adding the following line:
https_port 199.9.2.137:443 cert=/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt key=/users/webuser/squid3.0/conf/ssl.key/webcache2.key

When I go to start Squid I get:
bash-2.05$ ./squid  
2004/02/09 15:14:51| Failed to acquire SSL certificate 
'/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt': error:02001002:system 
library:fopen:No such file or directory
FATAL: Bungled squid.conf line 135: https_port 199.9.2.137:443 
cert=/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt 
key=/users/webuser/squid3.0/conf/ssl.key/webcache2.key
Squid Cache (Version 3.0-PRE3): Terminated abnormally.
CPU Usage: 0.020 seconds = 0.020 user + 0.000 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 429
Aborted

Did a Google search and found that Henrik had recommended the following to someone
who reported the same problem:

>If you use encrypted RSA keys then you must start Squid with the -N option

So tried:
bash-2.05$ ./squid -N
2004/02/09 15:16:34| Failed to acquire SSL certificate 
'/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt': error:02001002:system 
library:fopen:No such file or directory
FATAL: Bungled squid.conf line 135: https_port 199.9.2.137:443 
cert=/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt 
key=/users/webuser/squid3.0/conf/ssl.key/webcache2.key
Squid Cache (Version 3.0-PRE3): Terminated abnormally.
CPU Usage: 0.010 seconds = 0.010 user + 0.000 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 429
Aborted

And also

bash-2.05$ ./squid -v
Squid Cache: Version 3.0-PRE3
configure options: '--prefix=/users/webuser/squid3.0' '--enable-storeio=diskd,ufs' 
'--enable-ssl' '--with-openssl=/usr/lib'

I noticed that in the default squid.conf file it talks about
cert=certificate.pem [key=key.pem]

Does the fact that my keys and certificates end in .key cause the failure?

Thank you,
John Kent
Webmaster
Naval Research Laboratory
Monterey, CA

-----Original Message-----
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 06, 2004 7:32 PM
To: Kent, Mr. John (Contractor)
Cc: Squid_Users (E-mail)
Subject: RE: Squid Accelerator and SSL


On Fri, 6 Feb 2004, Kent, Mr. John (Contractor) wrote:

> The problem I now have is that the accelerator works perfectly and hides
> the fact that the client is connecting to an https server.  

You should set up Squid as an https reverse proxy. See the https_port 
directive.

Regards
Henrik
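
Added example, not part of the original thread or of Squid itself: a preflight check for the two conditions that come up above, the "fopen: No such file or directory" error on the cert= path and the note about encrypted RSA keys. The function name check_https_port, the 192.0.2.10 address and the sample files are constructed for illustration; run it as the account that starts Squid.

```sh
#!/bin/sh
# Preflight for the cert=/key= files named on a squid.conf https_port line.
# Pass the directive as one complete line (no mail or editor line wrapping).

check_https_port() {
    rc=0
    for tok in $1; do
        case $tok in
            cert=*|key=*) name=${tok%%=*}; file=${tok#*=} ;;
            *) continue ;;
        esac
        if [ ! -e "$file" ]; then
            echo "$name: missing: $file"; rc=1
        elif [ ! -r "$file" ]; then
            echo "$name: unreadable: $file"; rc=1
        elif [ "$name" = key ] && grep -Eq \
            '^(Proc-Type: 4,ENCRYPTED|-----BEGIN ENCRYPTED PRIVATE KEY-----)' "$file"
        then
            # Passphrase-protected PEM key (traditional or PKCS#8 header)
            echo "key: encrypted: $file"; rc=1
        else
            echo "$name: ok: $file"
        fi
    done
    return $rc
}

# Constructed demo: placeholder PEM files in a temp dir, not real key material.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'AAAA' \
        '-----END CERTIFICATE-----' > "$d/site.crt"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: DES-EDE3-CBC,0000000000000000' '' 'AAAA' \
        '-----END RSA PRIVATE KEY-----' > "$d/site.key"
    check_https_port "https_port 192.0.2.10:443 cert=$d/site.crt key=$d/site.key"
    check_https_port "https_port 192.0.2.10:443 cert=$d/nope.crt key=$d/site.key"
    rm -rf "$d"
}
demo || true
```

A "missing" or "unreadable" result for cert= corresponds to the fopen failure in the log above; an "encrypted" result means the key needs a passphrase at startup.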
