23.10.2017 23:51, L A Walsh пишет: > I've seen this before w/google in Opera -- but it doesn't seem > to happen with IE or Palemoon (both going through my SSL-bumping proxy). > Even my housemate, going through the proxy using Chrome doesn't > get this error (it also uses the system cert location). > When I bring up the security dialog in Opera, it brings up the same > dialog I see under the Win Control Panel under Internet Settings, > the "Content" tab -- where I see Certificates. My proxy cert is > listed under the Trusted Root Cert Authorities. > > > So why is Opera failing when going to google.com? > Ideas? Try to add this: # Disable HSTS reply_header_access Strict-Transport-Security deny all reply_header_replace Strict-Transport-Security max-age=0; includeSubDomains in your config. > > Thanks! > Linda > > > > > Your connection is not private > > This server could not prove that it is *www.google.com*; its security > certificate does not specify Subject Alternative Names. This may be > caused by a misconfiguration or an attacker intercepting your connection. > > You cannot proceed because the website operator has requested > heightened security for this domain. > > Back to safety > > > Help me understand > > When you connect to a secure website, the server hosting that site > presents your browser with something called a "certificate" to verify > its identity. This certificate contains identity information, such as > the address of the website, which is verified by a third party that > your computer trusts. By checking that the address in the certificate > matches the address of the website, it is possible to verify that you > are securely communicating with the website you intended, and not a > third party (such as an attacker on your network). > > You cannot visit www.google.com right now because the website uses > HSTS. Network errors and attacks are usually temporary, so this page > will probably work later. > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -- ************************** * C++: Bug to the future * **************************
Attachment:
0x3E3743A7.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
