On 06/21/2017 10:15 AM, Nikita wrote: > Is it possible to allow self-signed SSL certificates for ICAP server > connections somehow? Can you configure your OpenSSL library (or equivalent) to trust the ICAP server certificate? Squid deletages most of the certificate validation work to OpenSSL (or equivalent). > There is tls-flags=DONT_VERIFY_PEER flag, but in this case Squid > don't send it's own certificate to ICAP server Why do you think tls-flags=DONT_VERIFY_PEER only works if Squid sends its own certificate? The two actions (from-peer certificate validation and sending of a certificate to a peer) seem unrelated to me. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
