Not necessarily certificates. Exactly the same code gives the SSL pinning. 07.12.2017 1:21, Alex Rousskov пишет: > On 12/06/2017 12:06 PM, Hugo Saavedra wrote: >> 2017/12/06 16:02:37 kid1| Error negotiating SSL connection on FD 61: >> error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca >> (1/0) > You may be able to fix this problem by updating your collection of > public CA certificates. Squid uses CA certificates to validate > certificates presented by origin servers. You may be able to confirm > that your collection is stale and know more (e.g., which CA certificate > is unknown) if you can map the above error to an access.log entry that > would give you the origin server name to interrogate. > > Similar reasoning applies to other SSL-related cache.log errors as well, > but troubleshooting them may require more efforts (e.g., starting with a > higher debugging levels and/or packet captures). > > Alex. > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -- "Some people, when confronted with a problem, think «I know, I'll use regular expressions.» Now they have two problems." --Jamie Zawinsk ************************** * C++: Bug to the future * **************************
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
