SSLBump+DynamicSSL was working for me in squid-3.2.0.5-20110329, I built and tried 3.2.0.7 last night and it seems to present the spoofed cert to the browser but the page never loads. Can anybody else verify this behavior? ./configure --datadir=/usr/share/squid3 --sysconfdir=/etc/squid3 --mandir=/usr/share/man --with-cppunit-basedir=/usr --enable-inline --enable-async-io=8 --enable-storeio="ufs,aufs,diskd" --enable-removal-policies="lru,heap" --enable-delay-pools --enable-cache-digests --enable-underscores --enable-icap-client --enable-follow-x-forwarded-for --enable-arp-acl --enable-esi --disable-translation --with-logdir=/var/log/squid3 --with-pidfile=/var/run/squid3.pid --with-filedescriptors=65536 --with-large-files --with-default-user=proxy --enable-ssl --enable-ssl-crtd --enable-ecap && make && sudo make install #relevant portion of the squid.conf that works with squid-3.2.0.5-20110329 http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/will.lan.pem sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/var/ssl_db -M 4MB sslcrtd_children 5 always_direct allow all ssl_bump allow all sslproxy_cert_error allow all sslproxy_flags DONT_VERIFY_PEER
