tor 2006-12-21 klockan 19:04 +0100 skrev Reale Marco:
> Now I have isa server 2006 in which I imported a certificate (not
> verified but self-generated by IIS); ISA "speak" with Exchange 2003 in
> a secure network providing rpc over http authentication
>
> internet---->(https)----->isa with certificate(http)----->exchange
> 2003
>
> Really my doubts are not strectly related to (only) squid
> configuration but to the certificate handling (in combination with
> squid)
>
> Thus I asked for an how-too that explain simply how to replicate a
> typical configuration like this (with certificate)
You need to either make a new certificate for Squid, or manage to export
it to PEM format from the ISA server if you want to keep the exact same
certificate. But since the ISA certificate is self-signed you can just
as well make a new certificate for Squid.
The simplest method for creating a self-signed certificate for OpenSSL
is to run
openssl req -new -x509 -out selfsigned.pem -keyout key.pem -nodes -days 365
and answer the simple questions asked by OpenSSL.
If you want to be able to request a real certificate from a CA then use
the following instead
openssl req -new -out request.pem -keyout key.pem -nodes
openssl req -x509 -in request.pem -out selfsigned.pem -key key.pem
then send request.pem to the CA of your choice requesting a "real"
certificate, and use selfsigned.pem until the CA process is completed..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon Jan 01 2007 - 12:00:01 MST