Automate SSL Certificate - Reverse Squid Proxy - vyas

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Automate SSL Certificate - Reverse Squid Proxy - vyas

Vayalpadu, Vedavyas

Hi Guys,

 

I have a reverse proxy squid server, where we are maintaining SSL certificates for the webshop applications, I wanted to know if there is any mechanism to,

 

  1. Alert our UNIX team with a mail before 30 days of expiry.

 

  1. Automate the certificate renewal,

 

Any suggestions are welcome.

 

 

 

VYAS  (Vedavyas Vayalpadu)

IT Operations Specialist – UNIX-IBM-AIX
[hidden email]
+91-7032906468

 




This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
______________________________________________________________________________________

www.accenture.com

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Automate SSL Certificate - Reverse Squid Proxy - vyas

Matus UHLAR - fantomas
On 14.11.19 05:33, Vayalpadu, Vedavyas wrote:
>I have a reverse proxy squid server, where we are maintaining SSL certificates for the webshop applications, I wanted to know if there is any mechanism to,
>
>
>  1.  Alert our UNIX team with a mail before 30 days of expiry.

certificate providers use to provide that service.

>  1.  Automate the certificate renewal,

any certificate provider supporting ACME protocol could do this. on your
side it could be any ACME client, certbot or dehydrated (I prefer the
latter) could do that. You'll need script that reloads squid config with
certificate

--
Matus UHLAR - fantomas, [hidden email] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows found: (R)emove, (E)rase, (D)elete
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users