Hello, I'm trying to integrate Squid with secure ICAP server over icaps:// protocol for two-way authentication (icap_service configuration directive).
I find out that Squid reject self-signed certificate of ICAP server and there is no obvious workaround.
There is tls-flags=DONT_VERIFY_PEER flag, but in this case Squid don't send it's own certificate to ICAP server, so more accurate workaround needed. sslproxy_cert_error configuration directive with ssl_error acltype don't help as well.
Is it possible to allow self-signed SSL certificates for ICAP server connections somehow? Probably I miss some obvious solution since I have no experience in Squid configuration.
I find out that Squid reject self-signed certificate of ICAP server and there is no obvious workaround.
There is tls-flags=DONT_VERIFY_PEER flag, but in this case Squid don't send it's own certificate to ICAP server, so more accurate workaround needed. sslproxy_cert_error configuration directive with ssl_error acltype don't help as well.
Is it possible to allow self-signed SSL certificates for ICAP server connections somehow? Probably I miss some obvious solution since I have no experience in Squid configuration.
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
