Hai, I would say facebook protected there certificates with TSLA. Then you cant use ssl bump if im correct. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: squid-users > [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] Namens > Julian Perconti > Verzonden: dinsdag 12 juni 2018 21:55 > Aan: squid-users@xxxxxxxxxxxxxxxxxxxxx > Onderwerp: Re: SSL errors with Squid 3.5.27 > > >Interesting. > > > >The main issue was that you configured only params for the > Diffi-Helman (DH and DHE) ciphers - no >curve name. That > meant your specified EEC* ciphers were disabled since they > require a curve name as >well. > > > >Removing this option completely disables both DH and ECDH > cipher types. > >Leaving your proxy with only the RSA based ciphers. > > > >Amos > > kid1| Error negotiating SSL on FD 60: error:14007086:SSL > routines:CONNECT_CR_CERT:certificate verify failed (1/-1/0) > > Hi Amos, > > I still have no look to connect with WhatsApp from iOS. > > How do I can track this error?: > > kid1| Error negotiating SSL on FD 60: error:14007086:SSL > routines:CONNECT_CR_CERT:certificate verify failed (1/-1/0) > > I mean examine the FD, ...or.. what? How? Because from iOS i > cant see any error, it just tries to connect indefinitely. > > Some whatsapp/Facebook server with the command: > > Openssl s_client -connect -showcerts x.x.x.x:443 > > Does not shows any cert and establishes a connection with TLS 1.2... > > Any idea? > > Thank You > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users > _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
