Hi all,
I'm using a squid in windows as reverse proxy, and I faced
withproblems regarding SSL. Clearly I'm confused about this, but
herewhat I'm at.
1-I managed to convert my server (Windows versign issued
certificate)public/private keys using OpenSSL and included in Squid
(OK).2-Squid loads the certs but is unable to validate the CA !
So I went and I got the server issuer (Versign CA cert) and convertit
with openSSL to pem, now my question is where in the world should Iput
those files and what would be the openssl,cfg looks like .
If someone can help with a complete openssl,cfg & location of
theplacement of the my cacert.pem . I also kind of aware that the
opensslhave sort of database or something to track the keys !!
Again, I don't want to create my own CA or keys, all I want is
toimport my (Versign CA cert) so Squid/OpenSSL can validate
thecertificates. Currently I'm using this with
squid(sslflags=DONT_VERIFY_PEER) which does what it says (Not to
validatethe certificate, but I want to do the correct thing and
provide squidwith the way to it )
I also see that I may need to add the converted CAcert.pem into the
"openssldir" ,however this is compiled in the software to be
/usr/local/openssl , do I need to recompile openssl to change that ?!!
Thanks in advance.
Best Regards,Alaa Murad
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
