On 14/02/11 20:53, John Gardner wrote:
>> It does not matter where the files are generated. As long as they are
>> stored on the Squid box for Squid to access.
>>
>> For Squid you do not have to install anything into OpenSSL, which is
>> just a library.
>
> Thanks for the pointers Amos.
>
> Hopefully I'm going to attempt to do it this way;
>
> 1) Export the file from the Windows server as a .pfx file
> 2) Separate the private key from the .pfx file;
> openssl pkcs12 -in windows.pfx -out outputfile.txt -nodes
> 3) Extract the private key from outputfile.txt and store it as private.key
> 4) Then add the line to Squid;
> https_port 443 cert=/usr/newrprgate/CertAuth/verisign.cert key=/usr/newrprgate/CertAuth/private.key defaultsite=mywebsite.mydomain.com vhost
>
> Where;
> private.key = the original private key of the Windows server that generated the original request
> verisign.cert = the wildcard certificate back from Verisign
>
>
> Can anybdy see any immediate faults with doing it this way?
>
> Thanks
>
> John
>
That matches what I would expect to work.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.11 Beta testers wanted for 3.2.0.4Received on Mon Feb 14 2011 - 10:22:59 MST
This archive was generated by hypermail 2.2.0 : Mon Feb 14 2011 - 12:00:01 MST