On 1/03/20 3:57 pm, GeorgeShen wrote: > > Is there a way, not using ssl-bump, on squid to verify the remote server has > the certificate signed by some well-known CA or self-signed? What are you trying to do exactly? All root CAs are self-signed, even the "well-known" ones. It is just a matter of who did the self-sign. So the answer you need may be one of several things - which may not even involve cert inspection. > does that > change if the server is running TLS 1.2 or 1.3? > No. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
