On Thu, 29 Sep 2005, Hirsch, Ben wrote:
Thanks for the reply. Is this the patch I need: http://devel.squid-cache.org/cgi-bin/diff2/ssl-2_5?s2_5 ?
Yes.
I can not seem to find the configuration directive(s) I should be using. The ones pertaining to CA's seem to apply to Squid's ability to verify the client certificate.
No special config needed. With the patch you just add the certificate chain to the server certificate like is done with most OpenSSL based https servers, starting with the server certificate and followed by the certificate chain up to the root (or as far as needed to reach the trusted CA certificates installed in the browsers)
Regards Henrik
