On 8/09/2012 2:16 a.m., Roman Gelfand wrote:
I previously understood that with squid 3.2 end user will be able to see filtered certificate errors and decide whether to accept or reject a certificate. By filtered, I mean, certificate errors found by squid were going to be passed to end user to decide on whether to accept or reject. Is this correct? If yes, can you point me to a configuration.
That is a squid-3.3 feature. You need to grab the 3.HEAD tarballs and self-build.
3.2 series just polishes up a lot of the connectivity issues and other bugs 3.1 had which were affecting SSL-bump, and adds dynamic certificate generator feature for HTTPS interception.
Amos
