On 1/11/2013 5:11 p.m., Lennert Rienau wrote:
Hi,
i want squid to create dynamic ssl certificates in intercept mode, which works, but squid uses ip-addresses for the certificates of the site, not the host name.
Does anybody know why this happens?
Because you use client-first bumping on intercepted traffic.
The only details Squid has at that point are the IP address and port the
clients ws connecting to.
You need server-first bumping to contact the server and find out what
domain(s) its certificate indicate.
Amos
