>There should not need to be anything configured though. Rejecting >unknown root CAs is how TLS is designed to work. With splice the error >should be produced by your UA/Browser. Although the client I have has the root cert of that untrusted CA from server but getting the TLS handshaking error, it was not the client locally rejects that. Does that change anything regarding the splice operation does not need any configure for that operation (if it's a squid)? thanks. George -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users