Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid3 Reverse Proxy - Client CA is empty file

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 498 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mdaniel
      last edited by

      Hi,

      maybe somebody has enqountered this problem before:

      I am using squid as a reverse proxy. Squid should only allow clients that present the correct client certificate.
      I have imported (public key only) my CA in the cert manager (Import existing CA: certificate data = public key)
      When I select that CA as the client certificate CA in the web gui and press safe, the crt file is generated in squids configuration directory and the proper entry is put into squid.conf, so that squid can read the file, i.e. /usr/local/etc/squid/58f66d2c0e976.crt

      I am sad to report that the certificate file is empty. When I use vi and populate the certificate file with the public key from the certificate manager and do a squid -k reconfigure, everything works fine.

      Has anybody else encountered this webGUI bug?

      System log: Unable to read client CAs! from /usr/local/etc/squid/58f66d2c0e976.crt  (Of course! There is no key in the CA file…)

      pfsense 2.3.3-RELEASE-p1
      squid package 0.4.36_2 and 0.4.36_3

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.