Re: [squid-users] SSL Reverse Proxying

From: <[email protected]>
Date: Thu, 20 Mar 2003 15:19:26 -0000 (GMT)

Hi

I had to change the permissions on the files slightly - but that worked a
treat!!

Many thanks

Gordon

> The key is the file below the ssl.key directory.
>
> The certificate is the file below the ssl.crt directory.
>
> Both should be specified in your httpd.conf file for Apache.
>
> Regards
> Henrik
>
>
>
> G D McKee wrote:
>>
>> Hi
>>
>> I have the https server up and running.
>>
>> The /usr/local/etc/apache has the following ssl files in it - which
>> ones do need map squid to?
>>
>> drwxr-xr-x 2 root wheel 512 Oct 13 16:50 ssl.crl
>> drwxr-xr-x 2 root wheel 512 Nov 7 21:26 ssl.crt
>> drwxr-xr-x 2 root wheel 512 Oct 13 16:50 ssl.csr
>> drwx------ 2 root wheel 512 Oct 13 16:50 ssl.key
>> drwxr-xr-x 2 root wheel 512 Oct 13 16:50 ssl.prm
>>
>> I have tried https_port 192.168.0.1:443 cert='....' keys='....' etc
>> but squid just keeps on core dumping when fired up.
>>
>> Many thanks
>>
>> Gordon
>>
>> ----- Original Message -----
>> From: "Henrik Nordstrom" <hno@squid-cache.org>
>> To: <squid@gdmckee.com>
>> Cc: <squid-users@squid-cache.org>
>> Sent: Wednesday, March 19, 2003 5:44 PM
>> Subject: Re: [squid-users] SSL Reverse Proxying
>>
>> > See the guides for Apache mod_ssl or any other OpenSSL based server.
>> >
>> > Note: If you have a certificate then you MUST use the key the
>> > certificate is generated for. A certificate is only valid when
>> paired with the correct private key from which the certificate
>> request was generated.
>> >
>> > Squid wants the certificate and key in unencrypted PEM format
>> (encrypted format is also OK, but then Squid must be started with
>> the -N option to allow entering the key encryption password).
>> >
>> > Regards
>> > Henrik
>> >
>> >
>> > ons 2003-03-19 klockan 16.38 skrev squid@gdmckee.com:
>> > > Hi
>> > >
>> > > I have got the regular reverse proxy working but can't get a
>> certificate working for the ssl part of it. Does anyone have an
>> openssl command
>> that will
>> > > generate me a key to point squid to.
>> > >
>> > > Thanks in advance
>> > >
>> > > Gordon
>> > >
>> > >
>> > >
>> > > -------------------------------------------------
>> > > This mail sent through IMP: http://horde.org/imp/
>> > --
>> > Henrik Nordstrom <hno@squid-cache.org>
>> > MARA Systems AB, Sweden
>> >
>> >
Received on Thu Mar 20 2003 - 08:19:41 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:14:11 MST