[Privoxy-users] Text replacement doesn't work
Matteo Spigolon
ns at fabbricapolitica.com
Thu Jan 27 17:59:25 UTC 2022
Errors in log file:
2022-01-27 18:58:42.337 7f63deff5700 Error: A website key already exists but there's no matching certificate. Removing /var/lib/privoxy/certs/95cfeef87da86e3a78ac24b0f5080abc.pem before creating a new key and certificate.
2022-01-27 18:58:42.357 7f63deff5700 Error: Parsing issuer key /etc/privoxy/CA/cakey.pem failed: PK - Read/write of file failed
2022-01-27 18:58:42.357 7f63deff5700 Error: generate_host_certificate failed: -1
2022-01-27 18:58:42.357 7f63deff5700 Error: Failed to open a secure connection with the client
> Il giorno 27 gen 2022, alle ore 17:26, Fabian Keil <fk at fabiankeil.de> ha scritto:
>
> Matteo Spigolon <ns at fabbricapolitica.com <mailto:ns at fabbricapolitica.com>> wrote on 2022-01-27 at 14:31:55:
>
>> Verified in http://config.privoxy.org/show-status <http://config.privoxy.org/show-status>
>> <http://config.privoxy.org/show-status <http://config.privoxy.org/show-status>>
>>
>> #define Enabled
>> FEATURE_HTTPS_INSPECTION Yes
>>
>> In /etc/privoxy/config I made these changes:
>>
>> - uncommented the "ca-directory /etc/privoxy/CA" row
>> - uncommented the "ca-cert-file cacert.crt” row
>> - uncommented the "ca-key-file cakey.pem” row
>> - uncommented the "certificate-directory /var/lib/privoxy/certs” row
>> - uncommented all the rows of the cipher lists
>> - generated caret.crt and cakey.pem and put them in /etc/privoxy/CA
>> (command: openssl req -new -x509 -extensions v3_ca -keyout cakey.pem
>> -out cacert.crt -days 3650)
>> - uncommented the "trusted-cas-file trusted_cas_file.pem”, downloaded
>> the example file "https://curl.se/ca/cacert.pem
>> <https://curl.se/ca/cacert.pem <https://curl.se/ca/cacert.pem>>” and renamed it.
>>
>> In /etc/privoxy/user.action Inserted these rows:
>>
>> +ignore-certificate-errors
>> {+https-inspection}
>
> Both actions should be inside the curly braces.
>
>> corriere.it <http://corriere.it/>
>> www.corriere.it <http://www.corriere.it/>
>> it.wikipedia.org <http://it.wikipedia.org/>
>> wikipedia.org <http://wikipedia.org/>
>> www.wikipedia.org <http://www.wikipedia.org/> <http://www.wikipedia.org/ <http://www.wikipedia.org/>>
>>
>> Then I restarted the privoxy service without errors In the log file.
>
> Unfortunately currently many configuration problems are only
> detected when actual requests are made that are affected by
> them.
>
> The following TODO list items are relevant here:
> | 22) Verify action files properly (Including arguments) and
> | act accordingly (should probably intercept all requests
> | with a "Invalid option foo detected" CGI page).
> |
> | 23) Do the same in case of syntax errors in the configuration file,
> | instead of just exiting or ignoring the problem.
> https://www.privoxy.org/gitweb/?p=privoxy.git;a=blob;f=TODO;hb=HEAD#l57 <https://www.privoxy.org/gitweb/?p=privoxy.git;a=blob;f=TODO;hb=HEAD#l57>
>
>> When I visit one of that sites I got this error: error during the
>> connection at it.wikipedia.org <http://it.wikipedia.org/>. PR_END_OF_FILE_ERROR
>>
>> Which mistakes I made?
>
> The PR_END_OF_FILE_ERROR error often indicates that Privoxy
> shutdown without properly serving the browsers request due
> to a configuration problem.
>
> If logging is enabled the Privoxy log file should contain
> an explanation for this.
>
> Fabian
More information about the Privoxy-users
mailing list