On 26.03.18 21:47, Yuri wrote:
Waaaaaaa, Matus,
the idea is trivial.
Catch SSL UNKNOWN ISSUER error on squid's acl and redirect by 302 to
proxy page with instructions. Which requires user's involving.
How much can repeat the obvious ....
you can't catch the "SSL UNKNOWN ISSUER" on squid, since it's a client error
(so squid can't see it) and it happens BEFORE squid sends ANYTHING to the
client.
26.03.2018 21:41, Matus UHLAR - fantomas пишет:
On 25.03.18 23:47, Eliezer Croitoru wrote:
I do not know your level of JS or other thing but... a splash page is
mearly a transition step.
Since you can check using JS if the certificate is installed
And how do you push the JS into the client?
when client tries to fetch https://www.google.com/ and you don't have
cert
for www.google.com, answering with any other certificate by unknown
authority will produce error before the JS is loaded.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez obav zapnut.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users