On Mon, 19 Apr 2004, Alfredo Pulido wrote: > Many or any PC without Certificate. Config the Certificate in the > Squid and Squid connect to www.xxxxxx.com and authenticate connection. > > Any PC (Client) -----> Squid/Certificate SSL ----> www.xxxxxx.com > > Is possible last scenary? How to?
Yes. Easiest path is to configure your Squid-3 as an accelerator for www.xxxxxx.com. See the cache_peer options for how to specify the client certificte to use when talking to a site. You need a way for the clients to know they should talk to the accelerator instead of the real web servers. This is most easily done by adding the host to the local hosts file on the clients, but it is also possible to play around with the local DNS used by the clients. If your clients is using a Squid (or other) proxy then this can also be used as the point of redirection to the accelerator by the same techniques. > ssl_support.o: In function `ssl_initialize(void)': > /usr/src/squid-3.0-PRE3-20040411/src/ssl_support.cc:390: undefined > reference to `ENGINE_by_id' > /usr/src/squid-3.0-PRE3-20040411/src/ssl_support.cc:394: undefined > reference to `ENGINE_set_default' Looks like your OpenSSL libraries and headers does not match each other. The build process has found OpenSSL headers with engine support but the resulting code got linked to a OpenSSL library without engine support.. Regards Henrik
