Squid does not work with two https_port directives. It fails to start with [EMAIL PROTECTED] etc]# /usr/local/squid/sbin/squid 2004/08/17 12:01:32| Initialising SSL. 2004/08/17 12:01:32| Using certificate in /usr/local/squid/etc/proxy.crt 2004/08/17 12:01:32| Using private key in /usr/local/squid/etc/proxy.crt 2004/08/17 12:01:32| Initialising SSL. 2004/08/17 12:01:32| Using certificate in /usr/local/squid/etc/proxy2.crt 2004/08/17 12:01:32| Failed to acquire SSL certificate '/usr/local/squid/etc/proxy2.crt': error:0906D06C:PEM routines:PEM_read_bio:no start line FATAL: Bungled squid.conf line 140: https_port xx.xx.xx.xx:8080 defaultsite=site2 protocol=https cert=/usr/local/squid/etc/proxy2.crt clientca=/usr/local/squid/etc/cacert.crt sslflags=NO_DEFAULT_CA options=NO_SSLv2 Squid Cache (Version 3.0-PRE3-20040816): Terminated abnormally. CPU Usage: 0.010 seconds = 0.000 user + 0.010 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 582 Aborted
The squid.conf has: https_port xx.xx.xx.xx:443 defaultsite=site1 protocol=https cert=/usr/local/squid/etc/proxy.crt clientca=/usr/local/squid/etc/cacert.crt sslflags=NO_DEFAULT_CA options=NO_SSLv2 https_port xx.xx.xx.xx:8080 defaultsite=site2 protocol=https cert=/usr/local/squid/etc/proxy2.crt clientca=/usr/local/squid/etc/cacert.crt sslflags=NO_DEFAULT_CA options=NO_SSLv2 When comment some of directives it works, so the syntax should be OK. Please let me know if you need any more info. Thanks, David > -----Original Message----- > From: Henrik Nordstrom [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 04, 2004 11:29 AM > To: David Hajek > Cc: [EMAIL PROTECTED] > Subject: Re: [squid-users] more https_port directives > > On Wed, 4 Aug 2004, David Hajek wrote: > > > I'm using Squid-3 as a reverse proxy for one internal ssl > server. I'm > > now thinking about installing second internal ssl server > and use the > > same squid as a reverse proxy for this server as well - want to add > > second https_port directive. I tried that but squid > complaints about > > bad config file. I didn't dig into the problem too much yet, but > > wanted to ask if this is possible with squid. > > You are supposed to be able to add as many https_port directives as > you like. Each requires it's own list of parameters. > > To verify that your now port is correct try uncommenting the first.. I > suspect it will still complain... > > Regards > Henrik > > >
