On 11/01/2013 08:34 AM, Lennert Rienau wrote: >> Because you use client-first bumping on intercepted traffic. >> The only details Squid has at that point are the IP address and port the >> clients ws connecting to. >> >> You need server-first bumping to contact the server and find out what >> domain(s) its certificate indicate. > Thank you for your anwser, when i change it to ssl-server-first mode > this error appears: "FATAL: unknown ssl_bump mode: > ssl-server-first". It is "server-first" not "ssl-server-first". Please read squid.conf.documented description of ssl_bump or http://www.squid-cache.org/Doc/config/ssl_bump/ Thank you, Alex. > Should i apply this patch: http://www.squid-cache.org/mail-archive/squid-dev/201207/att-0144/BumpSslServerFirst-t11-Amos-requests-part.patch > or is there another workaround? i run squid 3.3.9. > > Thanks! >
