Hi Liam! Thanks for your reply. Its very interesting, because in the access.log file I see the correct things, GET POST request with both browsers. But when I start a tcpdump capture on the squid listening interface, only the traffic generated by Internet Explorer can be decrypted. The squid CA is inserted into the root CAs in firefox success, and I see firefox is using my cert, as the Internet Explorer does. I use dynamic ssl generation feature with ssl bump server first directive. ssl_bump server-first all https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/MyCA.pem Thanks! -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/SSL-decryption-problem-using-Mozilla-Firefox-tp4666567p4666569.html Sent from the Squid - Users mailing list archive at Nabble.com.
