[squid-users] RE: Squid Accelerator and SSL, Unsupported method "L"

Fri, 13 Feb 2004 10:48:26 -0800 

Greetings,

Setting up Squid3.0 as an accelerator that needs to handle SSL.

As you recommended Henrik:
Un-encrypted my key.  Modified key and cert permissions.
No longer get FATAL: Bungled squid.conf error. ! Good.

For testing running Squid on port 9999
That works fine.

But when I attempt to access   https://.......:9999 
I get nothing.

The cache log shows:

2004/02/13 10:36:37| clientProcessRequest: Invalid Request
2004/02/13 10:36:46| parseHttpRequest: Requestheader contains NULL characters
2004/02/13 10:36:46| clientParseRequestMethod: Unsupported method 'L'           
<----Bad!
2004/02/13 10:36:46| clientProcessRequest: Invalid Request

Appreciate any suggestions.

Thank you,
John Kent

-----Original Message-----
From: Henrik Nordstrom [mailto:[EMAIL PROTECTED]
Sent: Monday, February 09, 2004 4:31 PM
To: Kent, Mr. John (Contractor)
Cc: Henrik Nordstrom; Squid_Users (E-mail)
Subject: RE: Squid Accelerator and SSL


On Mon, 9 Feb 2004, Kent, Mr. John (Contractor) wrote:

> Henrik and Brian,
> 
> As recommended, I created certificates and keys for my
> Squid server  using openssl
> 
> Created certificate:
> >openssl genrsa -des3 -out webcache2.key 1024

This generates an encryted RSA key of 1024 bits. Squid can not load 
encrypted RSA keys unless you start it with the -N option. Recommend to 
decrypt the key unless you actually want to have to enter the encryption 
key manually each time Squid is restarted.

> Created CSR:
> >openssl req -new -key webcache2.key -out webcache2.csr
> 
> Then Signed it:
> >openssl x509 -req -days 3650 -in webcache2.csr -signkey webcache2.key -out 
> >webcache2.crt

This generates the certificate.

> Modified my squid.conf file by adding the following line
> https_port 199.9.2.137:443 cert=/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt 
> key=/users/webuser/squid
> 3.0/conf/ssl.key/webcache2.key
> 
> When I go to start Squid get:
> bash-2.05$ ./squid  
> 2004/02/09 15:14:51| Failed to acquire SSL certificate 
> '/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt': error:02001002:system 
> library:fopen:No such file or directory
> FATAL: Bungled squid.conf line 135: https_port 199.9.2.137:443 
> cert=/users/webuser/squid3.0/conf/ssl.crt/webcache2.crt 
> key=/users/webuser/squid3.0/conf/ssl.key/webcache2.key

The error indiates that /users/webuser/squid3.0/conf/ssl.crt/webcache2.crt 
does not exists, or maybe that Squid does not have permission to enter the 
directory.

Maybe more information is given if you start Squid with the -X flag.

Regards
Henrik

Reply via email to