On 9/19/2012 1:44 PM, Linos wrote:
> Hi,
> i have been using Squid squid-3.2.0.17-20120527-r11561 in an Ubuntu Server
> 12.04 some time with ssl-bump without problems for a year, the ca cert expired
> some days ago and with the new ca cert i installed squid 3.2.1 stable.
>
> Now the proxy exists every time 10 or more users use https at the same time,
> it's pretty strange, i have tried to downgrade to the old squid version but i
> can't get the proxy to be stable no matter if using new or old version, i have
> tried to recreate other cert just in case, same problem, i recreated too
> squid_ssl_db and cache_dir, no matter what i do it keeps crashing, the cache log
> read as this:
>
<SNIP>
>
> I am using this ssl-bump line in squid.conf:
> http_port 3150 ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=16MB cert=/etc/squid3/ssl_cert/myCA.pem
>
> I generated this myCA.pem using the instructions here
> http://wiki.squid-cache.org/Features/DynamicSslCert
do you still have the old pem file?
If it's expired ok but it should be still running but creating defective
certificates.
did you changed ownership for the directory and files?
did you tried to run the command from shell to see if it works?
Eliezer
>
> I don't know what more to do, could i do something to get a more clear error? i
> have tried to use "debug_options ALL,9" but i only get much more noise (noise
> for me at least). What could i do?
>
> Regards,
> Miguel Angel.
>
-- Eliezer Croitoru https://www1.ngtech.co.il IT consulting for Nonprofit organizations eliezer <at> ngtech.co.ilReceived on Wed Sep 19 2012 - 15:26:17 MDT
This archive was generated by hypermail 2.2.0 : Wed Sep 19 2012 - 12:00:04 MDT