9 月 062013
源码编译版本squid 3.3.8启动时message中的错误信息
[root@localhost etc]# ../sbin/squid Enter PEM pass phrase: [root@localhost etc]#
[root@localhost ~]# less /var/log/messages Sep 6 10:09:13 localhost (squid-1): No valid signing SSL certificate configured for https_port [::]:443
使用YUM安装的squid版本信息
[root@localhost ~]# rpm -q squid squid-3.1.10-18.el6_4.i686 [root@localhost ~]#
在使用相同配置文件时squid的启动错误信息
[root@localhost ~]# less /var/log/squid/cache.log 2013/09/06 10:41:40| Ignoring https_port [::]:443 due to SSL initialization failure.
[root@localhost ~]# less /var/log/messages Sep 5 13:35:55 localhost (squid): Cannot open HTTP Port
[root@localhost ~]# less /var/log/squid/cache.log 2013/09/05 13:36:51| Failed to acquire SSL private key '/usr/local/squid/server.key': error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
取消server.key的密码保护
[root@localhost ~]# openssl rsa -in server.key -out nserver.key Enter pass phrase for server.key: writing RSA key [root@localhost ~]#
修改squid.conf配置文件
https_port 443 accel cert=/usr/local/squid/server.pem key=/usr/local/squid/server.key defaultsite=hk.linuxcache.com vhost cache_peer 175.10.20.30 parent 80 0 no-query originserver name=my443 acl hk_ssl dstdomain hk.linuxcache.com cache_peer_access my443 allow hk_ssl http_access allow hk_ssl http_access deny all
启动squid并查看监听端口80和443已启用
[root@localhost ~]# /usr/local/squid/sbin/squid [root@localhost ~]# netstat -ant Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:53852 0.0.0.0:* LISTEN tcp 0 52 192.168.111.134:22 192.168.111.1:55917 ESTABLISHED tcp 0 0 :::111 :::* LISTEN tcp 0 0 :::80 :::* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 :::443 :::* LISTEN tcp 0 0 :::32863 :::* LISTEN [root@localhost ~]#