Search squid archive

Re: Squid 3.2 - Dynamic SSL certs that aren't self-signed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Here are logs from /usr/local/squid/var/lib/ssl_db/index.txt

V       131124202916Z           058BD142        unknown
/CN=www.microsoft.com-----BEGIN CERTIFICATE-----
V       131124203005Z           058BD143        unknown
/CN=clients1.google.com-----BEGIN CERTIFICATE-----
V       131124203006Z           058BD144        unknown
/CN=mail.google.com-----BEGIN CERTIFICATE-----


On Mon, Dec 27, 2010 at 1:00 PM, Alex Ray <alexray@xxxxxxxxxxxxxxx> wrote:
> No, the certificate is being made, just incorrectly.  Look at the common name:
>
> microsoft.com-----BEGIN CERTIFICATE-----
>
> ^ I'm fairly sure that "-----BEGIN CERTIFICATE-----" shouldn't be a
> part of the CN for microsoft.com.
>
> On Mon, Dec 27, 2010 at 12:42 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>> On 28/12/10 06:42, Alex Ray wrote:
>>>
>>> Looks like dynamic ssl certs are still broken as of 3.2.0.4:
>>>
>>> microsoft.com uses an invalid security certificate.
>>>
>>> The certificate is not trusted because it is self-signed.
>>> The certificate is only valid for microsoft.com-----BEGIN CERTIFICATE-----
>>>
>>> (Error code: sec_error_untrusted_issuer)
>>
>> Does your browser trust the signing CA?
>> That message does not show up if the CA is installed in the browser.
>>
>> Amos
>> --
>> Please be using
>>  Current Stable Squid 2.7.STABLE9 or 3.1.10
>>  Beta testers wanted for 3.2.0.4
>>
>



-- 
Alex Ray

Technical Support Representative

Enhanced Software Products, Inc.

www.espsolution.net

800 456-5750



NOTICE: This e-mail may contain confidential or legally privileged
information and is intended solely for delivery to the specific person
identified as the recipient. Any review, re-transmission,
dissemination or other use or taking of any action in reliance upon
this e-mail by persons other than the intended recipient is prohibited
and may require legal action. If you receive this e-mail in error,
please contact me at the address above and delete from your computer
system, or otherwise from your records, the information, which was
transmitted to you in error.



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux