--On Mittwoch, 17. Dezember 2003 10:09 +0100 Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
On Tue, 16 Dec 2003, Paul wrote:
Can squid (squid-2.5.STABLE1-2 running under RH9 Linux) be configured to handled *chained* SSL certificates (e.g. from FreeSSL.com) for SSL to HTTP gatewaying? Before I purchase chained cert (much cheaper than usual certs), I'd like to hear from anyone who has direct experience.
Squid-3 or Squid-2-5 + SSL update patch it should if you simply add the chain to the certificate file.
Squid-2.5 without the SSL update patch does not support certificate chains unless you modify the source to use SSL_CTX_use_certificate_chain_file instead of SSL_CTX_use_certificate_file.
We tried this first, but found that this only works if you do not use "unchained" certs on other ports with the same squid. Which we do. Which we found out a bit too late... ;-)
Jan
Regards Henrik
