Advertisement
albspirit86

squid cert test

Apr 5th, 2015
350
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.88 KB | None | 0 0
  1.  
  2. I have a HTTPS server that expects the client to provide a certificate. This cert uses a passphrase. Everything works fine. But if I use SQUID as my proxy then the authentication fails and squid returns a 503.
  3.  
  4. Is there anything special I would need to configure in squid? I couldn't find anything in the docs.
  5.  
  6. I'm getting the following in the squid cache.log
  7.  
  8. fwdNegotiateSSL: Error negotiating SSL connection on FD 15: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure (1/0/0)
  9. -- EDIT--
  10.  
  11. Well, I found the configuration I needed to add and now it's working as expected:
  12.  
  13. sslpassword_program /etc/squid/program.sh
  14. sslproxy_client_key /etc/squid/keys/cert.pem
  15. I put my cert.pem into the /keys folder. Then program.sh is a very simple program that prints the passphrase. This is all it has:
  16.  
  17. #!/bin/sh
  18. echo "mypassphrase"
  19. Restarted squid and now it's working!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement