On 16/10/15 13:34, Dan Charlesworth wrote: > Thanks! > > So ignoring the “bumpable” helper check, it’s effectively peeking at step1 and then bumping it like my config’s doing. > > I wonder what else could be differentiating it. Is your proxy CA just installed in the Login keychain? Nope - did it "properly" at the OS level. Get a PEM version of your squidCA pubkey and as root do security add-trusted-cert -d -r trustRoot -p ssl -p smime -p IPSec -p eap -p basic /path/squidCA.pem > /dev/null 2>&1 || true certtool i "/path/squidCA.pem" k=/System/Library/Keychains/X509Anchors > /dev/null 2>&1 || true The "ipsec/smime" stuff is actually not needed - but I don't care ;-) I went for the carpet bombing approach for the Mac (which I don't know well) -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
