using squid 3.4.8, compiled from source with ./configure flags --enable-icap-client --enable-ssl --enable-ssl-crtd
configured iptables for transparent proxy (redirect 80 to 3128) and everything works fine
configured iptables for transparent proxy (redirect 443 to 3127) but can't get transparent proxy for https to work
my squid.conf
...
# Squid https port
https_port 3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/XXX.pem
acl broken_sites dstdomain .example.com
ssl_bump none localhost
ssl_bump none broken_sites
ssl_bump server-first all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib/squid/ssl_crtd -s /var/lib/squid/ssl_db -M 4MB
sslcrtd_children 32 startup=5 idle=1
when visiting google (or any other https site) chrome complains
NET::ERR_CERT_AUTHORITY_INVALIDI tried using internet explorer as admin and imported the self signed certificate but that hasn't helped
can anyone please with how to debug this
thanks, Robert
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
