Re: [squid-users] Problem when Squid3 calls my server certificate

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 28 Jan 2004 23:27:19 +0100 (CET)

On Tue, 27 Jan 2004, Ben Keepper wrote:

> 2004/01/27 21:47:47| Failed to acquire SSL private key
> '/usr/local/squid/etc/server.crt': error:0906D06C:PEM
> routines:PEM_read_bio:no start line

This indicates the file does not contain a RSA key.

> openssl genrsa -des3 -out server.key 1024
> openssl rsa -in server.key -out server.pem
> openssl req -new -key server.key -out server.csr
> openssl x509 -req -days 60 -in server.csr -signkey server.key -out
> server.crt

server.key contains the RSA key after the above sequence.

> https_port 443 cert=/usr/local/squid/etc/server.crt
> key=/usr/local/squid/etc/server.key
> cafile=/usr/local/squid/etc/server.crt defaultsite=mail.xxxxx.net

Are you positively sure this is the https_port line you are using? The
error message seems to differ..

Hmm.. from looking at the error message it looks like maybe the line is
broken into multiple lines. It needs to be one very long https_line with
all the arguments for the port.

Regards
Henrik
Received on Wed Jan 28 2004 - 16:09:29 MST

This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:09 MST