On 11/05/2016 6:35 p.m., Компания АйТи Крауд wrote: > hi! > > I use squid 4.0.10 in INTERCEPT mode. If I deny some users > (ip-addresses) with > > acl users_no_inet src "/etc/squid/ip-groups/no-inet" > http_access deny users_no_inet > > ERR_ACCESS_DENIED is displayed then go to HTTP. If go to HTTPS then > first I see browser's NET::ERR_CERT_AUTHORITY_INVALID, and then click > "unsecure" see ERR_ACCESS_DENIED. > > How to make that right display ERR_ACCESS_DENIED on HTTPS for deny user > in Squid 4.0 ? > What you describe above is correct behaviour. The browser does not trust your proxy's CA. The only way to get around the browser warning about TLS security issue is to install the CA used by the proxy into the browser trusted CA set. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
