Re: [squid-users] Issue with reverse proxy and SSL cert/Intermediate/root

From: Henrik Nordström <henrik_at_henriknordstrom.net>
Date: Mon, 05 Apr 2010 19:43:24 +0200

mån 2010-04-05 klockan 09:59 -0400 skrev Nick Duda:

> The cert itself is installed, broken out with the server/key.pems,
> runs fine. I need to install the other 2 as well. When I append the
> cert.pem file on the proxy with the trustedroot cert and intermediate
> cert, it still doesn't look like its working right. Is there a certain
> order they must be in?

You don't normally put the root cert in there, just the servers
certificate followed by any intermediary certificates. You may put the
root certificate there as well (last) but doing so adds more overhead to
the SSL negotiation.

You can also add the CA certificates via the ca= option to https_port I
think, but not 100% sure this will work for announcing the certificate
path to clients.

Regards
Henrik
Received on Mon Apr 05 2010 - 17:43:28 MDT

This archive was generated by hypermail 2.2.0 : Mon Apr 05 2010 - 12:00:03 MDT