Dear Eliezer,
Please have look into http://bugs.squid-cache.org/show_bug.cgi?id=4711
the patches for this issue are already done. Many thx to Christos
Tsantilas!
@Amos: I hope you consider adding the patch to Squid 3.5 as well, since
for now it just has been added to Squid 4, maybe the reason is a testing
period or something similar. Would be nice to get an update like will be
added into upcoming release 3.5.xx :)
Am 2017-05-18 11:05, schrieb Eliezer Croitoru:
Hey List,
Since one of the subjects is SSL and specifically SSL-BUMP I noticed a
change today and found out that:
For Chrome 58 and later, only the subjectAlternativeName extension, not
commonName, is used to match the domain name and site certificate.
If the certificate doesn’t have the correct subjectAlternativeName
extension, users get a NET::ERR_CERT_COMMON_NAME_INVALID error letting
them
know that the connection isn’t private.
Google source:
https://support.google.com/chrome/a/answer/7391219?hl=en
So if someone will see something weird... it might not even be related
directly to squid!
Regards,
Eliezer
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer@xxxxxxxxxxxx
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
