-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi all. Does anybody can tell me - is it possible to use subordinate secondary CA in squid for SSL Bumping purpose? I.e., we have self-signed primary CA for issue subordinate CA, subordinate CA we install in squid's setup, primary CA certificate install to clients. For example. For mimicking we'll using subordinate CA, and, in case of subordinate key forgery, we can use primary CA to revoke subordinate CA and re-issue them without total replacement primary CA on clients. This will seriously increase bumping security procedure, hm? I've tried this scheme with 3.5.11, but without success. WBR, Yuri -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJWbzQSAAoJENNXIZxhPexGR60IAJ/Q50kpDd9JDnaWP+CSk2k5 4l/cqbWjk+z3jJLHunvPfeURuq7l/7+cOBOvc5WTx0f05IOsg2M/+wv2IXocpjc7 FvtB5i6ZlBIGOVBPRbwoh/ipd8aR7W+zv+RvqzjDiO7NZ4PAWzN5ADW6+lIb4WfA Mjxk/zhpngrlMoVu1zc82OUhu5b3/FUKqSMeuodP9lMFzQWN/y15HUtxBErj0TD6 mLvAv627rlOGRd96ZpKNB4Cpgl1Nqx7nx+U74eE2bNdV+1zABSUMeHHNVFizKH5A g5c7Tds9nHumH+8HafWEmOFEsTLq+HLWlFp0vA/pq6Wo8GlCYo1UiDLNWn1OWi8= =l917 -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
