Search squid archive

Re: Re: anyOne who has working ssl_bump configuration for facebook ???

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The config looks good, as long as you configure your browsers to use port 3127 
for HTTPS. You don't need the example broken_sites acl, but it is also 
harmless.

Please open the Firefox settings and go to Advanced - Certificates - View 
certificates. A new window will appear. Click the Authorities tab and search 
for the Squid certificate. If it does not appear in the list, you have the 
answer. It is also the most common cause of "Untrusted certificate" errors, 
although not the only possible one.

BTW, I would recommend you to specify the "-config /etc/openssl.cnf" parameter 
to openssl when creating the certificate, and to edit /etc/openssl.cnf to 
adjust some settings, like the key length.

Please provide more details about which certificate errors you get; otherwise 
it's hard to know what's wrong.


Regards,
Victor


El Viernes, 22 de noviembre de 2013 05:37:51 iishiii escribió:
> I tried to import the certificate .... but not sure it was correct or not
> ...i am using chrome ...firfox ...EI10 for testing ... the following is my
> setting ....
> 
> http_port 3128 intercept
> https_port 3127 intercept ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/myCA.pem
> acl broken_sites dstdomain .example.com
> ssl_bump none localhost
> ssl_bump none broken_sites
> ssl_bump server-first all
> sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s
> /usr/local/squid/var/lib/ssl_db -M 4MB
> sslcrtd_children 5
> 
> i followed the procedure of this tutorial
> http://pen-testing-lab.blogspot.com/
> 
> Please guide me by steps how you done get it working please
> 
> 
> 
> --
> View this message in context:
> http://squid-web-proxy-cache.1019090.n4.nabble.com/anyOne-who-has-working-s
> sl-bump-configuration-for-facebook-tp4663452p4663454.html Sent from the
> Squid - Users mailing list archive at Nabble.com.


RSVP: "State of the Backup Appliance Market" webinar featuring leading analyst firm IDC. Tuesday, November 19, 10am PST. Register at http://www.barracuda.com/idcwebinar.





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux