Search squid archive

Re: Forward Proxy Mode HTTPS Connect with invalid server certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 30/08/2014 6:55 a.m., Eduard Deffner wrote:
> Dear Team!
> 
> My problem is about using squid in the forward proxy mode. Squid
> Version 3.3.8 under openSUSE 13.1 in conjunction with squidguard 
> The general function everythings works well. But if any client in
> our LAN try to connect to a https-Site that have a invalid server
> certificate (the URL of the cert is other than the URL of the site)
> the proxy refuse the connection. If the cert is valid everything is
> OK.

If you are using proper forward proxy mode and CONNECT requests then
teh proxy has nothign to do with the HTTPS. All the proxy does is open
a TCP connection to the server and pump bytes back and forth between
client and server machines.
 Anything related to te connection TLS is strictly between the client
and server software which are communicating over that tunnel.

Amos

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUBH01AAoJELJo5wb/XPRj1KYIAJP/GAV7fN+sskeBlmrJiQGh
X6RBcmhU3WvSLcjIMoejFWFXZ9RvRXOOQxq5sGHcdMMIseF/ePusgkaHrJGstk3c
qZBpePyrgxh3r6i7KNSd99vsCo9u+786DtjO+1d7aXy09zgJJ6Hh/K2kysL/wO0C
LFt3XfKElULmqQqPEKWHcwRmAeXCXURVAjar7chuBa/333bWRMxt0l5O9y4I3AQg
7sVvpwGoEAg3el/PBxDgX1jiNuZziGSsMkqpiHldbF/gYLckgsckHB0bbU1hFjWP
xoCfTx3sgxCDTIJ9RPTEKOeE8BArCmqzyE8kYhaC7LIrJMXsxZzL26T0CQwU8QE=
=cJ+5
-----END PGP SIGNATURE-----




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux