On 28/10/2015 11:35 p.m., Yuri Voinov wrote: > Hi gents. > > I think, all of you who use Bump, seen much this messages in your > cache.log. > > SSL3_READ_BYTES:sslv3 alert certificate unknown > > AFAIK, no way to identify which CA is absent in your setup. > > I propose to consider the following questions: how do properly support > SSL proxy, if you can not identify the problem certificates? Telepaths > sunbathing in Bali. The procedure, which currently can not quickly and > in any way to effectively determine such a certificate. > > At the moment, the situation is as follows. SSL library - a thing in > itself, it runs by itself and does not write any logs. Squid - itself > and any useful information on the library does not receive but obscure > diagnostic messages. The possibility in any way specify the SSL library > diagnostic messages we have, and, as I understand it, will not. > > So, any ideas? Make sure Squid is sending the whole CA chain to the remote end? Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
