On 24/01/2017 11:27 a.m., Mustafa Mohammad wrote: > I'm trying to enable ssl bump but it says that > FATAL: No valid signing SSL certificate configured for HTTP_port [::]:the > port I'm listening on. I did a lot of research and I couldn't find the > answer. Any help would be deeply appreciated. > SSL-Bump feature requires the TLS/SSL options which are normally only mandatory on https_port. Specifically the cert= option needs to be pointing Squid at a CA cert with privileges to sign the auto-generated certs SSL-Bump creates. NP: a normal server cert such as one receives from the global root CAs is not sufficient. Also, please ensure you are using the latest versions of Squid with this feature (today that is 3.5.23 or later, the 4.0 beta if possible). SSL-Bump has gone through a lot of change and older implementations have some quite nasty limitations and side effects. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
