Re: Using CA signed certificate for SSL bump

Alex Crow <alex@xxxxxxxxxxxxxxx> · Wed, 5 Sep 2018 12:05:17 +0100



    You can set up your own internal CA. You then have the CA key (so
      can generate certificates for any domain) and install the CA
      public certificate on all client machines.
    

    That CA can be anything from a local CA on the squid box, using a
      central VM with something like XCA installed, all the way to an
      enterprise HSM.
    

    But you must have the CA key. There is no way a commercial CA
      would give you a universal signing key.
    

    Alex

    
    On 05/09/18 08:02, Arshad Ansari wrote:

    
          Hi All,
        
           
          I have setup squid
            4.2 for forward proxy and caching. It is working fine when I
            am using self-signed certificate for SSL bump.
        
           
          However, our
            security requirement is to use only CA signed certificate
            and not self-signed certificate.
        
           
          I have tried
            various options like using Https and intercept but nothing
            seems to be working.
        
           
          My question is
            does SSL work with CA signed certificate?
        
           
          Regards,

            Arshad
        

      _______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

    
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users