On Tue, Jan 12, 2021 at 10:33:00AM +0200, Eliezer Croitoru wrote: > > Any hints might help to find and resolve this issue From my experience MS Update and probably the store too use custom root certificates; check if that's the case. It's also possible that that connection is so hardwired that it doesn't accept a redirect. So it sees that and become suspicious (Windows Update is extremely suspicious :D) For some antivirus (avast maybe? I don't remember) the updater actually checks the server certificate fingerprint so you can't bump it and you need a special NAT rule for all the fscking IPs it uses (if you set a proxy it does a connect BY IP and not by name, and the IPs are hardcoded and not resolved by DNS). So it is possible you can't bump a store connection (remember that technically a bump is a MITM intrusion that TLS is explicitely design to detect!) -- Lorenzo Marcantonio
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
