Re: [squid-users] client auth with SSL certificate

From: Henrik Nordstrom <[email protected]>
Date: Wed, 3 Mar 2004 22:25:21 +0100 (CET)

On Wed, 3 Mar 2004, David Hajek wrote:

> Squild cache.log complaints about:
>
> 2004/03/03 20:53:07| clientNegotiateSSL: Error negotiating SSL connection on
> FD 17: error:140D9115:SSL routines:SSL_GET_PREV_SESSION:session id context
> uninitialized (1/-1)

This is probably a bug in the Squid SSL implementation or misfeature in
the version of OpenSSL used.

Probably it helps adding a SSL_CTX_set_session_id_context() call to the
server-side ssl context. Using a session id context based on MD4 of the
pid and start time of Squid is probably appropriate.

Regards
Henrik
Received on Wed Mar 03 2004 - 14:25:24 MST

This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:01 MST