On 18/04/17 21:29, Eric Veiras Galisson wrote:
I'm back with more information about my problem.
I put squid in front of https://fr.wikipedia.org, I generated a false
certificate for my test to avoid problems with my browser and... I
still have a problem with squid, the same as before.
I'm thinking that my problem does not come from the upstream
certificate itself (which could be the case with ours, but I don't
think about wikipedia's ;) and that the root cause is my custom squid
build.
I'm running squid Debian Jessie version 3.4.8-6+deb8u4 and I
recompiled adding the following options:
- --enable-ssl --with-open-ssl="/etc/ssl/openssl.cnf"
- --enable-ssl --with-open-ssl
- --enable-ssl
- --enable-ssl --with-open-ssl --with-ssl-crtd
I tried these combinations and none of them solve my problem. I think
I may be missing some important compilation option but I can't find which.
You should use: --enable-ssl-crtd --with-openssl
The --enable-ssl option is obsolete.
The --with-openssl option takes a path to where the openssl development
files are installed. Somehow I doubt that you have a library installed
as /etc/ssl/openssl.cnf/openssl/libssl.a. When building against the
systems default openssl installation you can omit the path. You only
need it if you are building a custom Squid against a custom openssl.
Amos
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
