RE: [squid-users] FW: failure notice

From: Jason Hitt <Jhitt@dont-contact.us>
Date: Tue, 8 May 2007 17:05:56 -0500

Disregard previous post, I was able to get it working but now for some strange reason my passwords aren't being taken. I am being prompted with the same prompt however its not accepting it like it did on the original server. Any hints?

-----Original Message-----
From: Jason Hitt
Sent: Tuesday, May 08, 2007 3:07 PM
To: 'Henrik Nordstrom'
Cc: Squid Users
Subject: RE: [squid-users] FW: failure notice

Thanks for the help thus far.

So far with the instructions you've given progress has been made but for a simple test trying the below site with just port 80 for now. This is what I've put in so far:

http_port 80 accel defaultsite=<ip address> (not going to do domain name for this server)

cache_peer <ip> parent 80 0 no-query originserver

cache_dir ufs /usr/local/squid/var/cache 100 16 256

When I do a squid -N I get the following:
Cannot write log file <the path above>
Permission denied (I've tried making the dir manually, no difference)
Warning: Closing open FD2

It just sits on "performing DNS tests" for awhile then crashes.
 
Any hints?
   

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: Monday, May 07, 2007 3:40 PM
To: Jason Hitt
Cc: Squid Users
Subject: RE: [squid-users] FW: failure notice

mån 2007-05-07 klockan 15:20 -0500 skrev Jason Hitt:
> The viconnect FAQ still references the old http_accel lines.
> http://viconnect.visolve.com/vic7/modules/knowledgebase/faqsearch.php?
> productid=22&contentid=78&nodeid=squidn08&visid . The squid-cache FAQ
> doesn't but doesn't make an sense to me
> http://wiki.squid-cache.org/SquidFaq/ReverseProxy
>
> All I want to do is have a very basic vanilla https server reverse
> proxied with Squid. I'll get the .pem cert but I can't even get squid
> to start up as it is. Any help would be GREATLY appreciated.

You'll need to give a cert (and key) to https_port. And if the origin server is also https then use the ssl option on cache_peer.

Configuration is the same as for http, but with the changes above to use https instead of http.. so it's just

https_port 443 cert=/path/to/cert.pem key=/path/to/cert_key.pem accel defaultsite=the.official.name

cache_peer ip.of.webserver parent 443 0 no-query originserver ssl

The certificate key needs to be stored unencrypted, or you will need to start Squid in foreground mode (-N option) to be able to enter the key encryption password.

Regards
Henrik
Received on Tue May 08 2007 - 16:06:11 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:04 MDT