Re: [squid-users] Install Godaddy certificate on squid to use ssl-bumping functionnality

From: Alex Crow <alex_at_nanogherkin.com>
Date: Tue, 27 May 2014 19:29:32 +0100

Hi,

Mistake in my post: should be:

  and jump through many hoops you will *NOT* get a subordinate signing
key from a reputable commercial CA.
>
> Otherwise, the internet and SSL would already be more borken than it
> is right now ;-)
>
> Alex
>
>
> On 27/05/14 19:13, Antoine Klein wrote:
>> Hi there,
>>
>> My boss give me a certificate purchased from Godaddy to intercept
>> HTTPS request.
>>
>> squid.conf :
>> http_port 3127 transparent
>> http_port 3128
>> https_port 3129 transparent ssl-bump cert=/etc/ssl/myGodaddyCertif.crt
>> sslproxy_capath /etc/ssl/certs
>>
>> When i restart squid i have an error :
>> ERROR: Failed to acquire SSL private key
>> '/etc/ssl/myGodaddyCertif.crt': error:0906D06C:PEM
>> routines:PEM_read_bio:no start line
>>
>> I haven't a private key, so is this normal ?
>>
>> Thanks !
>>
>
Received on Tue May 27 2014 - 18:29:35 MDT

This archive was generated by hypermail 2.2.0 : Wed May 28 2014 - 12:00:06 MDT