Re: [squid-users] FATAL: No valid signing SSL certificate configured for https_port

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Mon, 30 Jun 2014 14:14:04 +0300

I would say +1 for binary search..
Remove all specials and make it:
https_port 10.x.x.95:443 accel
cert=/usr/newrprgate/CertAuth/cert/cert.crt
key=/usr/newrprgate/CertAuth/cert/key.pem defaultsite=server_1.uk

Which will minimize it to a working settings which works on every linux
version with any openssl library I know of.

If it won't work I will verify that the certificates are in the right
format and if not convert them to the right format..

Else then that is to compile it from src on this or similar machine and
find out if you have the same issue with a self signed certificate.

I have not tested it yet on my build node but unless something is really
odd it should work with no issues.

Eliezer

On 06/30/2014 02:07 PM, John Gardner wrote:
> Eliezer
>
> The line that was working but is now causing problems is;
>
>
> https_port 10.x.x.95:443 accel
> cert=/usr/newrprgate/CertAuth/cert/cert.crt
> key=/usr/newrprgate/CertAuth/cert/key.pem
> cipher=ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
> options=NO_SSLv2 defaultsite=server_1.uk
>
> John
Received on Mon Jun 30 2014 - 11:16:21 MDT

This archive was generated by hypermail 2.2.0 : Mon Jun 30 2014 - 12:00:05 MDT