Yes, it works when sslflags=DELAYED_AUTH is not set - but errors in log file
are still there (but now it works)

2004/02/29 14:24:05.425| Initialising SSL.
2004/02/29 14:24:05.425| Error error setting CA certificate locations:
error:00000000:lib(0):func(0):reason(0)
2004/02/29 14:24:05.425| continuing anyway...

OK. So I'm unable to use ldap auth for some of the users and client certs
for the others until DELAYED_AUTH is
implemented. In other words I can't use ACL options related to user
certificate matching. Any timeframe on this?

Thanks,
David

> -----Original Message-----
> From: Henrik Nordstrom [mailto:hno@squid-cache.org]
> Sent: Sunday, February 29, 2004 2:02 PM
> To: David Hajek
> Cc: 'Henrik Nordstrom'; squid-users@squid-cache.org
> Subject: RE: [squid-users] user_cert ACL in accel mode
>
> On Sun, 29 Feb 2004, David Hajek wrote:
>
> > 2004/02/29 12:18:09.700| Initialising SSL.
> > 2004/02/29 12:18:09.700| Error error setting CA certificate

> locations:
> > error:0906D06C:PEM routines:PEM_read_bio:no start line
> > 2004/02/29 12:18:09.700| continuing anyway...

>
> Ok. This is a different thing and harmless, most likely from
> the initialization of the SSL client code due to not having
> sslproxy_cafile set.
>
> What I am not entirely sure about is if delayed certificate
> authentication is implemented yet, or actually I am pretty
> sure it is not. Please try if certificate authentication
> works without this flag.
>
> Regards
> Henrik
>
>