How to get a SSL certificate for Squid 3.0

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

How to get a SSL certificate for Squid 3.0

fulanpeng
Hi,

I am using sefl-signed certificate to make SSL connection with
Browsers. The browser has a warning dialog box complaining my CA not
authorized by the browser. I was thinking to authenticate the browser
to get rid of this warning dialog box. But I failed. Now I am thinkg
to use NCSA to authorize the client and to certify my certificate for
customer to get rid of the security warning dialog window.

I checked many SSL certificate providers. They all deal with Apache or
other application. No one says about Squid. I am just wondering how to
make a certificate request to get the company mail me back a good
certificate so that the browser won't complain any more.

I had created a PKCS12 file and imported into the browser, but still
the browser complains. Please help!

Thanks a lot!
Reply | Threaded
Open this post in threaded view
|

Re: How to get a SSL certificate for Squid 3.0

Henrik Nordström
On sön, 2007-07-22 at 20:04 -0400, fulan Peng wrote:

> I checked many SSL certificate providers. They all deal with Apache or
> other application. No one says about Squid. I am just wondering how to
> make a certificate request to get the company mail me back a good
> certificate so that the browser won't complain any more.

Just follow whatever guides you find for Apache. It will work for Squid
as well as both uses OpenSSL.

Regards
Henrik

signature.asc (316 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: How to get a SSL certificate for Squid 3.0

fulanpeng
Yes, It seems works. I went InstantSSL, some where called Comodo. They
return me 5 files. I only used the mydomain_com.crt to replace the
cert= file and kept everything the same as before. Now the browser
won't have any complain with https.

I will try the client authentication now. I guess because the CA
problem, the browser may not return its certificate to Squid to fail
the SSL browser authentication.


On 7/22/07, Henrik Nordstrom <[hidden email]> wrote:

> On sön, 2007-07-22 at 20:04 -0400, fulan Peng wrote:
>
> > I checked many SSL certificate providers. They all deal with Apache or
> > other application. No one says about Squid. I am just wondering how to
> > make a certificate request to get the company mail me back a good
> > certificate so that the browser won't complain any more.
>
> Just follow whatever guides you find for Apache. It will work for Squid
> as well as both uses OpenSSL.
>
> Regards
> Henrik
>
>