Search squid archive

Re: Sending intermediate certificate with SSL-Bumped Certificate. (V3.5.1516-3-2-r14000)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I can confirm that this configuration works as requested with the
configuration Jok Thuau had posted with the latest version 3.5.16.

Thank you so much for the response and the assistance.

On Thu, Apr 7, 2016 at 1:15 PM, Jok Thuau <jok@xxxxxxxxxx> wrote:
> with 3.5.15, I have this config:
>
> ---8<---
> https_port 8443 intercept ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=64MB \
>     cert=/etc/squid/ssl/proxy.pem \
>     key=/etc/squid/ssl/proxy.key \
>     cafile=/etc/squid/ssl/proxy.pem
> --->8---
>
> proxy.pem is the concatenation of both the CA cert (intermediate) followed
> by the root cert (my offline CA). Best i can tell, all of it is sent back to
> the client (generated cert, intermediate and root CA).
>
> HTH
> Jok
>
>
>
>
> On Thu, Apr 7, 2016 at 10:59 AM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>>
>> On 7/04/2016 5:25 a.m., Nicolaas Hyatt wrote:
>> > Amos,
>> > Thanks for your quick response and your time. I have not yet messed with
>> > 4.0. Is this something that may find its way into the 3.x stable branch
>> > at some point?
>> >
>>
>> Maybe. I am reliant on the guys doing OpenSSL code (aka. Christos) to
>> test the backporting though. So it will depend on whether he thinks its
>> important enough.
>>
>> I'm hopeful, but no guarantees.
>>
>> Amos
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users@xxxxxxxxxxxxxxxxxxxxx
>> http://lists.squid-cache.org/listinfo/squid-users
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users
>
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux