On 12/07/2014 7:33 p.m., Eugene M. Zheganin wrote: > Hi. > > Squid-3.3.11 > FreeBSD 10.0-STABLE > > I've set up SSL bumping in order to deal with file uploading (actually > to block file uploading for certain groups of users) via HTTPS. > It works just fine for most of the HTTPS enabled sites, but with some > Google sites I have a problem - browsers (FF for example) display an > error - "www.youtube.com uses an invalid security certificate. The > certificate does not come from a trusted source. (Error code: > sec_error_inadequate_key_usage)". Sounds like http://bugs.squid-cache.org/show_bug.cgi?id=3966 PS. 3.3 series will never get this fix. It is on the TODO list for a 3.4.7 porting attempt, but the volatile SSL-bump related infrastructure in Squid in recent years makes it unlikely to succeed. Amos
