On 20/11/17 21:06, G~D~Lunatic wrote:
with your help. i changed my configure. and now the https problem is that SEC_ERROR_UNKNOWN_ISSUER. i use squid 3.5.27 as a transparent proxy and a icap client .With the proxy , i access most of https websites like www.amazon.com http://www.hupu.com. but failed . So i want to know where problem is or how to deal with it.
The config you presented has one major problem - you have configured ssl-bump option on the https_port but do not have any ssl_bump directives telling Squid what bumping actions are to be done.
What Squid does under that circumstance is bump the TLS using an invalid server certificate and deliver an error page to the client in hopes that either the invalid cert will throw up an error, or the error page might be displayed.
Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
