Search squid archive

Re: yum update fails when using squid even though .redhat.com is whitelisted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 21/11/2019 12:51, Kassir Bariq wrote:

Hi,

 

You can add this line in your squid.conf

                    sslproxy_cert_error allow allowed_https_sites

this should fix your issue to bypass sites without a valid certificate.

 


I probably wouldn't do this blindly, either use a different acl such as known_broken_cert_sites and add sites that you have trouble with to that ACL.

I believe Palo Alto and Bluecoats have a feature mechanism to provide the client with an appropriately broken cert , e.g. if the cert is expired, but has a trusted chain then it uses an expired cert with a trusted chain to the client, and if a cert is self signed, then it sends a self-signed cert to the client.

I don't know whether Squid also has that mechanism, but would probably be preferred.

-- 
Giles Coochey
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux