[solved] Squid not starting

Started by ruggerio, June 12, 2019, 07:31:03 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 12, 2019, 07:31:03 PM Last Edit: June 13, 2019, 05:07:45 PM by ruggerio
Since update to OPNsense 19.7.b_104-amd64, Squid does no longer start.

Errors:
SSL certificate database /var/squid/ssl_crtd is corrupted. Please rebuild
kid1| FATAL: The /usr/local/libexec/squid/security_file_certgen -s /var/squid/ssl_crtd -M 10MB helpers are crashing too rapidly, need help!

Coming directly from 19.1.9.
June 13, 2019, 05:11:36 PM #1
for those having a corrupted db too:

- ssh to you opnsense as root
- cd /var/squid
- move ssl_crtd and ssl_crtd.id to new names (i just appended .old for both, having a fallback)
- do:
Code Select
/usr/local/libexec/squid/security_file_certgen -c -s /var/squid/ssl_crtd -M 10 (thats the one, squid should have done, perhaps access issues, as the new ones belong to root:squid
- chown squid:squid ssl_crtd*

restart squid, done.
June 20, 2019, 01:06:43 PM #2
we will add a button to flush state in 19.7 https://github.com/opnsense/core/issues/3545, this seems to happen more often when upgrading from squid 3 to 4.
July 17, 2019, 02:57:11 PM #3
Hi there,

i just updated to 19.7 and had the same problem.
Unfortunately the Reset-Button in the support section doesn't help.
After Resetting i also rebooted, but the issue persisted.

Doing the steps manually makes squid runnig again.
Thank you ruggerio.

Regards,
Thomas
July 17, 2019, 06:29:16 PM #4
I just updated as well but neither solution is working. I also have these items in my squid logs.

Code Select
kid1| FATAL: The /usr/local/libexec/squid/security_file_certgen -s /var/squid/ssl_crtd -M 4MB helpers are crashing too rapidly, need help!

(security_file_certgen): Uninitialized SSL certificate database directory: /var/squid/ssl_crtd. To initialize, run "security_file_certgen -c -s /var/squid/ssl_crtd".
July 18, 2019, 12:24:53 AM #5
after upgrade also not working:
- reset by reset button not working
- manual instruction not working

tried with and without reboot, always the same result -> squid not possible to restart.
July 18, 2019, 07:53:15 AM #6
Anyone using custom cache directories?
July 18, 2019, 08:19:08 AM #7
No, no custom directories. Only standard values. It's also no matter of update or fresh install, tried this already. But I did backup the settings, maybe it is related to the settings?
July 18, 2019, 08:36:30 PM #8
Got fixed, see here:
https://github.com/opnsense/core/issues/3584


Gesendet von iPhone mit Tapatalk
July 19, 2019, 12:21:53 AM #9
I'm sorry, but also with this explaination it's still not working.
July 19, 2019, 12:59:14 AM #10
update: now also working for my installation -> I did stop the web proxy, did a reset in GUI as decribed by AndyX90 but then followed this code

https://github.com/opnsense/core/commit/981a718da087b37e4a505b0323967a24bc1d40bc

and what I had to do was to reboot OPNsense. Without reboot squid never came up. After reboot start web proxy without any issues... No idea, what the reboot did exactly changed, but it seems now working stable.
September 01, 2019, 10:50:47 AM #11
@payback007 is right: the only way to make it work is to follow the complex process of stop,reset,reboot,start... and I mention that I did not do any dirty tricks around squid.
Print
Go Up Pages1
User actions