On Mar 13, 2011, at 9:09 AM, arielf wrote: > Apparently the squid configuration is ok. > > ---------------- > http_port 3128 ssl-bump key=server-key.pem cert=server-cert.pem > ssl_bump allow all > ------------------ > > That is I tried a different 3rd party https site (my bank :) and everything > seems to work fine. > So the problem exists only when I try to use squid as proxy for my own > created https site which is run on a tomcat that I configured the security > for. > > Could it be that squid works only with CA certified sites? Seems like you would need to set sslproxy_flags DONT_VERIFY_PEER in squid.conf to allow certificates that can not be verified. Guy -------- This message has been scanned by ComplianceSafe, powered by Palisade's PacketSure.
