I was wrong. There is no way to read the remote certificate and then decide whether to bump/splice the connection. -----Original Message----- From: Ahmad, Sarfaraz Sent: Wednesday, June 20, 2018 7:35 PM To: 'Amos Jeffries' <squid3@xxxxxxxxxxxxx>; squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: RE: Ignore SSL error and splice by ssl::server_name at the same time Yes. As always appreciate the quick support this community provides. :) Thank you guys ! Regards, Sarfaraz -----Original Message----- From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Amos Jeffries Sent: Wednesday, June 20, 2018 6:53 PM To: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: Ignore SSL error and splice by ssl::server_name at the same time On 21/06/18 00:25, Ahmad, Sarfaraz wrote: > I found the answer to my problem. The SNI and Subject CN were > different in my case and I was not peeking at step2 (meaning not > looking at the server certificate) that is why my ACLs were ineffective. > Ah, excellent. Does that mean your problem is now resolved? Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
