Re: Squid configure option

Fri, 05 Dec 2014 14:22:54 -0800 

On Fri, Dec 5, 2014 at 8:56 AM, sven falempin <sven.falem...@gmail.com>
wrote:

> Index: Makefile.inc
> ===================================================================
> RCS file: /cvs/ports/www/squid/Makefile.inc,v
> retrieving revision 1.9
> diff -u -p -r1.9 Makefile.inc
> --- Makefile.inc        15 May 2014 21:24:33 -0000      1.9
> +++ Makefile.inc        5 Dec 2014 13:54:30 -0000
> @@ -66,6 +66,7 @@ CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \
>                 --enable-referer-log \
>                 --enable-removal-policies="lru heap" \
>                 --enable-ssl \
> +               --enable-ssl-crtd \
>                 --with-openssl \
>                 --enable-storeio="aufs ufs diskd" \
>                 --with-default-user="_squid" \
>
>
>
> because, why not ?
>
> # ./squid-3.4.6/build-amd64/src/ssl/ssl_crtd -h
> usage: ssl_crtd -hv -s ssl_storage_path -M storage_max_size
>         -h                   Help
>         -v                   Version
>         -s ssl_storage_path  Path to specific disk storage of ssl server
>                              certificates.
>         -M storage_max_size  max size of ssl certificates storage.
>         -b fs_block_size     File system block size in bytes. Need for
> processing
>                              natural size of certificate on disk.
> Default value is
>                              2048 bytes.
>
> After running write requests in the next format:
> <request code><whitespace><body_len><whitespace><body>
> There are two kind of request now:
> new_certificate 13 host=host.dom
>         Create new private key and selfsigned certificate for "host.dom".
> new_certificate xxx host=host.dom
> -----BEGIN CERTIFICATE-----
> ...
> -----END CERTIFICATE-----
> -----BEGIN RSA PRIVATE KEY-----
> ...
> -----END RSA PRIVATE KEY-----
>         Create new private key and certificate request for "host.dom"
>         Sign new request by received certificate and private key.
> usage: ssl_crtd -c -s ssl_store_path
>         -c                   Init ssl db directories and exit.
>
>
>
>
>
>
Dear ports,

Me again,,, is it possible than sslbump from squid has some problem with
libTLS ?
All i got from my sslbump config is that my certifcate are invalid.

Best regards,



-- 
---------------------------------------------------------------------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\

Reply via email to