RE: [squid-users] Verisign cert problem
This is a discussion on RE: [squid-users] Verisign cert problem within the Squid Users forums, part of the Web Server and Related Forums category; How can I tell where to put this file, or which ca-bundle.crt file to chain this to? I ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-08-2004
|
|||
|
|||
RE: [squid-users] Verisign cert problem
How can I tell where to put this file, or which ca-bundle.crt file to chain
this to? I did a find on my system, and there are two files. one in /usr/share/apps/kssl, and the other in /usr/share/ssl/certs. squid_GATEWAY_ssl-2.5.patch has been applied before compile. -----Original Message----- From: Henrik Nordstrom [mailto:hno@squid-cache.org] Sent: Thursday, January 08, 2004 3:01 PM To: Schaefer, Charles Cc: squid-users@squid-cache.org Subject: Re: [squid-users] Verisign cert problem On Thu, 8 Jan 2004, Schaefer, Charles wrote: > How can I tell where I need to put the new intermediate.crt file I just got > from Verisign? They signed my cert on 12/29/03 with their cert that expired > on 1/7/04! Now I have to jump through a hoop to fix it. If you are running Squid as an SSL accelerator server then you need to chain the intermediary certificate to your certificate. This is done by placing them both in the same certificate file. However, if using Squid-2.5 then you also need the SSL update patch available from http://devel.squid-cache.org/ or modify the source to use SSL_CTX_use_certificate_chain_file(sslContext, certfile) instead of SSL_CTX_use_certificate_file(sslContext, certfile, SSL_FILETYPE_PEM) Regards Henrik 
|
Linear Mode
