On linux server (RedHat 9.0) I have installed Squid V3.0 and Openssl
V0.9.7c.
for using this as HTTPS accelerator for our exchange server.
So far I have done follwoing:
1. Generated a RSA key with followinf command:
openssl genrsa -des3 -out privkey.pem 2048
2. Created a self-signed certificate-
openssl req -new -x509 -nodes -key privkey.pem -out cacert.pem -days 100
3. The squid.conf has follwoing line -
https_port 443 cert=/usr/local/ssl/cacert.pem
Now when I start squid I get follwoing error:
[root@Jupiter1 etc]# ../sbin/squid start
2004/03/02 14:52:23| Failed to acquire SSL private key
'/usr/local/ssl/cacert.pe
m': error:0906D06C:PEM routines:PEM_read_bio:no start line
FATAL: Bungled squid.conf line 98: https_port 443
cert=/usr/local/ssl/cacert.pe
m
Squid Cache (Version 3.0-PRE3): Terminated abnormally.
CPU Usage: 0.030 seconds = 0.030 user + 0.000 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 583
Aborted
4. if I do "https_port 443 cert=/usr/local/ssl/privkey.pem", I get
following error:
[root@Jupiter1 etc]# ../sbin/squid start
2004/03/02 14:53:09| Failed to acquire SSL certificate
'/usr/local/ssl/privkey.p
em': error:0906D06C:PEM routines:PEM_read_bio:no start line
FATAL: Bungled squid.conf line 98: https_port 443
cert=/usr/local/ssl/privkey.p
em
Squid Cache (Version 3.0-PRE3): Terminated abnormally.
CPU Usage: 0.030 seconds = 0.020 user + 0.010 sys
Maximum Resident Size: 0 KB
Page faults with physical i/o: 554
Aborted
#####################################################################################
DISCLAIMER
Any non-official business related views, opinions and other information presented
in this electronic mail are solely those of the sender/author. Burgan Bank does not
endorse or accept responsibility for these opinions, views or conclusions.
If you are not the addressee indicated in this electronic mail or responsible for
delivering this electronic message to the inteded recipient, you should delete this
message and notify the sender immediately.
Burgan Bank
#####################################################################################
Received on Tue Mar 02 2004 - 06:09:08 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:01 MST