-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 30/08/2014 6:55 a.m., Eduard Deffner wrote: > Dear Team! > > My problem is about using squid in the forward proxy mode. Squid > Version 3.3.8 under openSUSE 13.1 in conjunction with squidguard > The general function everythings works well. But if any client in > our LAN try to connect to a https-Site that have a invalid server > certificate (the URL of the cert is other than the URL of the site) > the proxy refuse the connection. If the cert is valid everything is > OK. If you are using proper forward proxy mode and CONNECT requests then teh proxy has nothign to do with the HTTPS. All the proxy does is open a TCP connection to the server and pump bytes back and forth between client and server machines. Anything related to te connection TLS is strictly between the client and server software which are communicating over that tunnel. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUBH01AAoJELJo5wb/XPRj1KYIAJP/GAV7fN+sskeBlmrJiQGh X6RBcmhU3WvSLcjIMoejFWFXZ9RvRXOOQxq5sGHcdMMIseF/ePusgkaHrJGstk3c qZBpePyrgxh3r6i7KNSd99vsCo9u+786DtjO+1d7aXy09zgJJ6Hh/K2kysL/wO0C LFt3XfKElULmqQqPEKWHcwRmAeXCXURVAjar7chuBa/333bWRMxt0l5O9y4I3AQg 7sVvpwGoEAg3el/PBxDgX1jiNuZziGSsMkqpiHldbF/gYLckgsckHB0bbU1hFjWP xoCfTx3sgxCDTIJ9RPTEKOeE8BArCmqzyE8kYhaC7LIrJMXsxZzL26T0CQwU8QE= =cJ+5 -----END PGP SIGNATURE-----