今天測試了一下在squid上建一個ssl代理轉(zhuǎn)發(fā).其實也蠻容易的.
- https_port 443 cert=/etc/squid/SSL.CRT key=/etc/squid/SSL.KEY defaultsite=ssl.php-oa.com
- cache_peer ssl.php-oa.com parent 80 o no-query no-digest originserver name=www
- cache_peer_homain www .php-oa.com
其實真的很容易.是吧.有個https_port和cache_peer加上那個ssl的地址基本就好了.記的https_port要加defaultsite.不加會下面錯
The following error was encountered:
Invalid Request
Some aspect of the HTTP Request is invalid. Possible problems:
Missing or unknown request method
Missing URL
Missing HTTP Identifier (HTTP/1.0)
Request is too large
Content-Length missing for POST or PUT requests
Illegal character in hostname; underscores are not allowed
注
可以使用下面命令可以生成測試用的證書:
openssl req -new -keyout key.pem -nodes -x509 -days 365 -out cert.pem
如果要生成一個證書請求用于申請正式證書請用下面兩個命令:
1.生成私鑰 openssl genrsa -out key.pem 1024
2.生成待簽名證書 openssl req -new -out req.csr -key key.pem
然后將req.csr文件中的內(nèi)容提交給證書頒發(fā)機構(gòu)�����。