> From: Franz Angeli [mailto:franz.angeli@xxxxxxxxx] >> I configured one debian box with squid 3.1 (compiling it with ssl >> support) enabling sslBump feature with a self signed certificate, >> obviously browser and >> applications warn about the certificate but all seems to work. >> >> Is there a way to use trusted certificate for removing that warning >> (sorry for this dumb question but some applications doesn't permit >> certificate exception list like firefox for example)? > > If you have the signed certificate for the URL you're developing for, > then yes, you can use the certificate. For example, if your app is going > to app.squid-cache.org and you have the signed certificate for > app.squid-cache.org or *.squid-cache.org, then everything will be happy. > But, if you're trying to intercept the traffic for a third-party domain, > no, you can't. The best you can do, is to create your own CA and add the > public certificate to the browser/application, if it even allows you to. > Thank you for the informations And what about ICAP configuration? Some suggestion?
