# When I try to access an https: //
# With this setting:
http_port 127.0.0.1:3129 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem
sslproxy_options NO_SSLv2,NO_SSLv3,SINGLE_DH_USE
ssl_bump none localhost
ssl_bump server-first all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow all
# Cache.log reports this error:
assertion failed: PeerConnector.cc:116: "peer->use_ssl"
# With this setting:
http_port 127.0.0.1:3129 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem
sslproxy_options NO_SSLv2,NO_SSLv3,SINGLE_DH_USE
ssl_bump none localhost
ssl_bump bump all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow all
# The browser designates that the connection is not private, NET::ERR_CERT_AUTHORITY_INVALID
Is it necessary for the cache_peer to be compiled with --enable-ssl-crtd and --with-openssl and configured with ssl_bump to be able to use ssl_bump on my squid child server? Or there is a way to configure ssl_bump on the child only, even if the parent does not.
Please help.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
