I am setting up a Squid proxy server. It needs to be available on a public IP address, so I need traffic between the client and the proxy to be secure. I have a wildcard SSL certificate from a certificate authority (Namecheap). I have these files:
- A key file with an RSA key - A certificate file - A certificate chain file, with the signing certificates from Namecheap - A combined file that includes both the certificate file and the certificate chain file. All these files are in PEM format. I am trying to work out how to configure squid to use these files as expected. As it stands, I have: https_port 8888 tls-cert=/etc/squid/combined.pem tls-key=/etc/squid/key.pem When using a curl client, I issue this: curl -i -x https://[proxyhost]:8888 [website_url] I get this response: curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. I get the same error regardless of whether website_url is an HTTP URL or an HTTPS URL, so I assume the issue is not the website. How do I make the squid server trusted by clients? John _______________________________________________ squid-users mailing list [email protected] https://lists.squid-cache.org/listinfo/squid-users
