On Thu, 8 Jan 2004, Schaefer, Charles wrote: > How can I tell where I need to put the new intermediate.crt file I just got > from Verisign? They signed my cert on 12/29/03 with their cert that expired > on 1/7/04! Now I have to jump through a hoop to fix it.
If you are running Squid as an SSL accelerator server then you need to chain the intermediary certificate to your certificate. This is done by placing them both in the same certificate file. However, if using Squid-2.5 then you also need the SSL update patch available from http://devel.squid-cache.org/ or modify the source to use SSL_CTX_use_certificate_chain_file(sslContext, certfile) instead of SSL_CTX_use_certificate_file(sslContext, certfile, SSL_FILETYPE_PEM) Regards Henrik
