On 03/19/2014 05:53 AM, Emmanuel LAZARO - S.IM.KO. wrote: > I am trying to configure squid as a transparent proxy using : ... > The SquidServeurVeriSign.pem have been signed by verisign. You need to create a self-signed (a.k.a. Root CA) certificate that is capable of signing any site certificate. Verisign will not sign your Root CA certificate so if your certificate is signed by Verisign, then your certificate is not a Root CA certificate. Needless to say that a browser with your Root CA certificate installed will trust any site signed by your Root CA certificate, just like it trusts any site signed by Verisign now. Be careful! There are many web pages with instructions on how to create a self-signed certificate, including a sketch at http://wiki.squid-cache.org/Features/DynamicSslCert Alex.
