[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squid-users
Subject:    Re: [squid-users] 3.5.6: need help: FATAL: No valid signing SSL certificate but openssl verify is OK
From:       David Touzeau <david () articatech ! com>
Date:       2015-07-27 8:20:10
Message-ID: 55B5E9BA.3010809 () articatech ! com
[Download RAW message or body]





Thanks Amos, i have removed the generate-host-certificates

http_port 0.0.0.0:3128  ssl-bump  dynamic_cert_mem_cache_size=4MB 
cert=/etc/squid3/ssl/chain.pem



But Squid still not want load the couple of Ca and certificate.


2015/07/27 10:16:30| Using certificate in /etc/squid3/ssl/chain.pem
2015/07/27 10:16:30| storeDirWriteCleanLogs: Starting...
2015/07/27 10:16:30|   Finished.  Wrote 0 entries.
2015/07/27 10:16:30|   Took 0.00 seconds (  0.00 entries/sec).
FATAL: No valid signing SSL certificate configured for HTTP_port 
0.0.0.0:3128
Squid Cache (Version 3.5.5-20150619-r13846): Terminated abnormally.
CPU Usage: 0.008 seconds = 0.004 user + 0.004 sys
Maximum Resident Size: 33408 KB
Page faults with physical i/o: 0

Does /etc/squid3/chain.pem contain the private key of a CA whose public
key is trusted by the client already?

No the chain.pem, contains only the Root CA's and the certificate







_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[prev in list] [next in list] [prev in thread] [next in thread]