On Wednesday 05 September 2018 at 09:02:45, Arshad Ansari wrote:
> Hi All,
>
> I have setup squid 4.2 for forward proxy and caching. It is working fine
> when I am using self-signed certificate for SSL bump.
Good. Well done.
> However, our security requirement is to use only CA signed certificate and
> not self-signed certificate.
That won't work.
> I have tried various options like using Https and intercept but nothing
> seems to be working.
Indeed.
> My question is does SSL work with CA signed certificate?
SSL? Yes.
SSL Bump / interception, no - because if it did, you'd have a globally-trusted
certificate which you could use to fake any website on the Internet.
Security? The CA who gave you that certificate would disappear.
Antony.
--
Tinned food was developed for the British Navy in 1813.
The tin opener was not invented until 1858.
Please reply to the list;
please *don't* CC me.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
