Alright, I figured out a possible cause. I downloaded the certificate that the browsers were complaining about, and used openssl verify to verify against the root certificate that I have. I got error 20, indicating that squid must not be using the correct root certificate to generate the client certificate on the fly, or that it is being generated incorrectly. The generated certificate shows all the correct properties of the root certificate that I am using, so my conclusion is that squid is incorrectly generating the client certificate. Question: Under what circumstances might squid incorrectly generate a bump certificate? Another question: Why might it be working when I use a different root certificate? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Existing-root-certificate-not-working-with-SSL-Bump-squid-3-3-10-tp4668515p4668527.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
