Hi, can you please explain me, does squid support ssl bumping with site signed with GOST certificate?
I have OpenSSL 1.0.2d 9 Jul 2015
openssl engine
(dynamic) Dynamic engine loading support
(gost) Reference implementation of GOST engine
openssl ciphers | grep GOST
GOST2001-GOST89-GOST89:GOST94-GOST89-GOST89
/opt/squid/sbin/squid -v
Squid Cache: Version 3.5.19
Service Name: squid
configure options: 'CFLAGS=-march=i686 -g -O2' 'CXXFLAGS=-march=i686 -g -O2' '--prefix=/opt/squid-3.5.19-4' '--enable-async-io=32' '--enable-storeio=ufs,aufs,rock,diskd' '--enable-disk-io' '--enable-removal-policies=heap,lru' '--enable-useragent-log' '--enable-referer-log' '--enable-arp-acl' '--with-openssl' '--enable-forw-via-db' '--enable-cache-digests' '--enable-linux-netfilter' '--enable-basic-auth=all' '--enable-ntlm-auth=all' '--enable-ntlm-fail-open' '--enable-negotiate-auth=all' '--enable-external-acl-helpers' '--with-filedescriptors=32768' '--with-large-files' '--enable-delay-pools' '--enable-ssl-crtd' '--disable-static' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-swapdir=/var/data/squid/cache' '--disable-arch-native'
SSL bumping with dynamic certificates working well but when I try to go to site with GOST certificate,
I see error -
The system returned:
(71) Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)Handshake with SSL server failed: error:0609E09C:digital envelope routines:PKEY_SET_TYPE:
unsupported algorithm
Please explain me this Error please
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
