On 13/02/11 21:12, John Gardner wrote:
Hi everyone. I've got a query about running Squid as a Reverse Proxy that I
hope someone can answer.
Over the past year, I've been tasked with introducing serveral Squid servers
into our organisation, most of them so far have been internal Caching proxies,
but I'm now at the stage where I need to implement a Reverse Proxy (RP) in our
DMZ.
We're going to offload the SSL onto the RP using a Wildcard SSL Certificate and
during testing I used the advice here:
http://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate.
This was great to test everything and worked well. However, now I'm ready to
put this into a Production environment and I have to deal with the fact that we
are fundamentally a Windows house.
They have already procured wildcard SSL certificates from Verisign, where the
original CSR was generated on a Windows server sent off to the CA (Verisign)
and then then the wildcard certificate returned to us. My question is quite
simple, how do I import the wildcard certificate into openssl on the RP server?
All the examples I've seen online assume that you're generating the CSR on the
proxy server itself but I don't have that luxury unfortunately.
I know this is more of an OpenSSL question rather than pure Squid question, I
was just hoping that someone on the list has already done this and can give me
some advice.
Thanks in advance.
John
It does not matter where the files are generated. As long as they are
stored on the Squid box for Squid to access.
For Squid you do not have to install anything into OpenSSL, which is
just a library.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.11
Beta testers wanted for 3.2.0.4
