-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Yes no problem. Signs the certificate of the local web server with root certificate the proxy, which is already in user's browser - and voila. 13.06.2016 15:01, Antony Stone пишет: > On Monday 13 June 2016 at 10:51:35, Eng Hooda wrote: > >> Thank You for your response. >> Using the certificate is something I want to avoid. >> So I think it's acceptable as it is now. >> >> I searched again and found an explanation , copied below FYI. >> >> "To serve an HTTP error to an SSL client, Squid has to establish an SSL >> connection with that client." > > Yes, but the point is that the client originally requested an SSL connection > to a particular server, and if it gets a reply (even though it is an SSL > reply) back from something with a certificate which doesn't match that server, > the client will complain, showing a security alert to the user. > > > Antony. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXXpEvAAoJENNXIZxhPexGbZUH/j0HGg0L3KWAbRIyGBQ1sa2b X/oE+gU9gKZYaBfK7DOj+NbdR3zQ6hmxiONsmp7Be0L2S3Eis1816yP6Hyg9BHVb HdtbIYL66akVULNev6TVf61KPAHNGVbeNGM6xjhMW/0jnRl/TJ/cVKsBzFFSvFg3 Gj5rEkOKsPEZLdkJccop/p99iufAtfwQW31FxRPFPOF6q2IgcIhgB5nm6T2yrnQV kU/suCjsVQj2V35Y/ZDY88irvP1cn0NBbqyw870HV7WsOQYyh+5Kk3iOCwrQY4Mo UWSLvDM/Qjm0YzESSng4tcs8XVPG6C0tbzzpLOOySlmB/gBhJimVfUS41s/QcIo= =wiaW -----END PGP SIGNATURE-----
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
