I have squid 4.9 built with https support in which I created a certificate following tutorial. Squid starts, appears to be running fine. http whitelist with user groups working....trying to add https support. copy/paste from example of what I did to create certificate. openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -extensions v3_ca -keyout myCA.pem -out myCA.pem certtool --generate-privkey --outfile ca-key.pem certtool --generate-self-signed --load-privkey ca-key.pem --outfile myCA.pem openssl x509 -in myCA.pem -outform DER -out myCA.der 1) problem when trying to import myCA.der certificate into firefox: "This is not a certificate authority certificate, so it can’t be imported into the certificate authority list" 2) My goal is simply to whitelist sites, I do not have a need to view the traffic. Is following ssl-bump examples the right/only approach or is easier way to let the client connect directly, but preventing any connection except if on the whitelist? Thanks, Tony -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
