Maik Fuss wrote:
> Hi List,
> I want to use Squid as a reverse proxy with ssl support, so i setup a
> config like this:
>
> <snip>
> https_port 192.168.9.109:443 cert=/etc/squid/ssl/domain.tld.crt
> key=/etc/squid/ssl/domain.tld.key vhost
> http_port 192.168.9.109:80 vhost
>
> cache_peer 192.168.222.109 parent 80 0 proxy-only no-query originserver
> no-digest front-end-https=on sslcert=/domain.tld.crt
> sslkey=/etc/squid/ssl/domain.tld.key name=109_http
Most peers use port 443 for HTTPS. Are you sure its running on port 80
that way?
>
> acl testdomain dstdomain naturmed.online.biering.de
> acl testdomain_ADR dst 192.168.222.109
> acl testdomain_PORT port 80 443
>
> cache_peer_access 109_http allow testdomain
>
> http_access allow testdomain_ADR testdomain_PORT
> </snap>
>
> but..
> if i restart squid i become this msg:
> <snip>
> Failed to acquire SSL certificate '/etc/squid/ssl/domain.tld.crt':
> error:20074002:BIO routines:FILE_CTRL:system lib
> <snap>
>
> the cert's are from a ISP who says that's a modssl (apache) cert, so...
> is the reason for this the wrong cert-type?
I don't know, sorry, lets hope someone else does.
>
> the system is Gentoo
Amos
-- Please use Squid 2.7.STABLE1 or 3.0.STABLE6Received on Wed Jun 11 2008 - 00:37:23 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 11 2008 - 12:00:05 MDT