After upgrading my Fedora 27/Squid-4.0.23 to Fedora 38/Squid-5.9, the Squid refuses to start with the error message:
Jul 10 09:55:42 jona squid[56320]: 2023/07/10 09:55:42| ERROR: Failed to acquire TLS certificate '/etc/pki/tls/private/server.pem': error:0480006C:PEM routines::no start line Jul 10 09:55:42 jona squid[56320]: 2023/07/10 09:55:42| FATAL: HTTPS_port 192.168.20.2:22225 initialization error Jul 10 09:55:42 jona squid[56320]: 2023/07/10 09:55:42| Squid Cache (Version 5.9): Terminated abnormally. The problem is probably related to the reverse https proxy definition line in squid.conf : https_port 192.168.20.2:22225 accel cert=/etc/pki/tls/private/server.pem defaultsite=mail.kyenar.cz no-vhost name=reverzpe server.pem is the symlink to realFile.pem with this content: -----BEGIN RSA PRIVATE KEY----- MIIEpQ... ... ...vo= -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIGO... ... ...c5s= -----END CERTIFICATE----- and it worked fine in the older Squid-4.0.23 version. I tried: - tls-cert= instead of cert= - replacing the symlink server.pem with a real file. - arrange certificate in PEM file as first and key second - split PEM file into separate certificate and key and use it with syntax: https_port 192.168.20.2:22225 accel tls-cert=/etc/pki/tls/private/cert.pem tls-key=/etc/pki/tls/private/key.pem defaultsite=mail.kyenar.cz no-vhost name=reverzpe but squid still not start with this same message: ERROR: Failed to acquire TLS certificate '/etc/pki/tls/private/cert.pem': error:0480006C:PEM routines::no start line Can anyone help? --- Thanks in advance! Franta Hanzlik _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
