Hi. I'm using Squid Version 2.5.STABLE6 in this configuration: Internet ->HTTPS-> squid ->HTTP-> Intranet
It works *perfectly* with a self-signed certificate. However, if I sign a certificate with my own CA certificate, created using the -newca option to CA.pl, it doesn't work, and I get the following error: FATAL: Bungled squid.conf The error goes away when I switch back to my self-signed certificate - only a certificate signed by my own CA certificate does not work. To try and find out why, I set up a secure website using Apache's httpd. I added the SSLCACertificateFile directive, and it worked perfectly. I just had to accept the certificate. I tried various option to get squid to accept the CA, some of them probably made up: sslflags=DONT_VERIFY_PEER cafile=/path/to/cert ca=/path/to/cert Thinking squid couldn't take an argument to a different CA file, I appended my CA cert to the ca-bundle.crt file, making sure the format was exactly the same as the other certs in the file, i.e. an x509 part then the cert. squid -k parse still complained. What do I need to do to get this working? (I'm not able to patch squid because of automatic updates.) I'm running FC3. Thanks a lot.