Yuri,
I am new to squid I learned it through searching google. My question is I generated self-signed SSL certificates and install certificates on IE all clients.
I didn’t install proxy public key. Can you tell me where I have to put proxy public key on clients. Appreciate you help!
Thanks,
Naresh
From: Yuri [mailto:yvoinov@xxxxxxxxx]
Sent: Wednesday, July 19, 2017 5:06 PM
To: Cherukuri, Naresh; squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: [squid-users] Squid Version 3.5.20 Any Ideas
Related OpenSSL public CA bundle - in theory it should be installed together with OpenSSL.
20.07.2017 2:49, Cherukuri, Naresh пишет:
Thanks Yuri for quick turnover!
We inly installed root certificate on all clients. We didn’t install proxy CA’s public key on clients. So you suggestion fix that we need to install both certificate
and proxy ca’s public key on clients.
Thanks,
Naresh
One out of two. Either the Squid does not see the OpenSSL/system root CAs bundle, or the proxy CA's public key is not installed in the clients. It's all.
19.07.2017 23:30, Walter H. пишет:
Hello,
this seems not to be the problem, as the error messages are in cache.log, which is not a browser problem ...
the question: are the SSL bumped sites in intranet, which use a self signed CA cert itself, which squid doesn't know?
On 19.07.2017 17:36, Yuri wrote:
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
http://i.imgur.com/A153C7A.png
19.07.2017 21:34, Cherukuri, Naresh пишет:
Hi All,
I installed Squid version 3.5.20 on RHEL 7 and generated self-signed CA certificates, My users are complaining about certificate errors. When I looked at cache.log I see so many error messages like below. Below is my squid.conf file. Any ideas how to address
below errors.
Cache.log
2017/07/18 16:05:34 kid1| Error negotiating SSL connection on FD 689: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown (1/0)
2017/07/18 16:05:34 kid1| Error negotiating SSL connection on FD 1114: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown (1/0)
2017/07/18 16:05:37 kid1| Error negotiating SSL connection on FD 146: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown (1/0)
2017/07/18 16:05:41 kid1| Error negotiating SSL connection on FD 252: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown (1/0)
2017/07/18 16:05:41 kid1| Error negotiating SSL connection on FD 36: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown (1/0)
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
|
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users