On 11.05.2014 18:24, Tom Holder wrote:
you'd have the same problem, without Squid, because then the browser would try to connect with your fake site1.com;Hi, I've configured Squid 3 with SSL bump and dynamic SSL generation and it works really well when I use it for just browsing the Internet. My problem is I'm trying to 'mimic' a live web site and the server Squid is on does not have access to the live Internet. E.g. site1.com doesn't actually go to site1.com on the live Internet I'm redirecting it to a local version of site1.com The problem is dynamic SSL generation and SSL Bump requires connecting to the real site1.com to grab the certificate. When it tries to connect to my local site1.com there is just a generic SSL I've generated with the wrong common name and this causes the browser to throw an SSL error.
install on this site1.com website a cert with correct CN, and everything works fine;
<<attachment: smime.p7s>>
