Hi again, In addition i can say this problem (sec_error_unknown_issuer) appears when i am using a "real" certificate from verisign who is well known by the web browser. I readed here : http://squid-web-proxy-cache.1019090.n4.nabble.com/Need-help-on-SSL-bump-and-certificate-chain-td4659421.html That i can't do what i want with a signed certificate from a known authority. So i try using a self signed certificate but it doesn't work with the error : sec_error_untrusted_issuer Le 24 mars 2014 à 11:48, Emmanuel LAZARO - S.IM.KO. <em.lazaro@xxxxxxxx> a écrit : > Hi all, > > I get on the web browsers : Code d'erreur : sec_error_unknown_issuer > > Can someone help me ? > > > Le 19 mars 2014 à 08:53, Emmanuel LAZARO - S.IM.KO. <em.lazaro@xxxxxxxx> a écrit : > >> Hi all, >> >> I am using Squid 3.4.4 on debian wheezy compiling the sources. >> >> I am trying to configure squid as a transparent proxy using : >> >> https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/CertifSignature/SquidServeurVeriSign.pem key=/etc/squid3/CertifSignature/Squid.key >> >> The SquidServeurVeriSign.pem have been signed by verisign. >> >> How can i avoid the alerts on firefox or safari (i am in a mac osx environment) because the alerts are spoting on every https pages : >> >> "Connexion not certified >> >> You asked firefox to connect... we can't confirm the connexion is secured...website identity can't be verified." >> >> Sry for the translation... >> >> Can someone help me ? >> >> NB : I imported the root certificate in my firefox. >> ------ >> >> LAZARO Emmanuel >
