Search squid archive

Re: Squid 5: server_cert_fingerprint not working fine...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Squid Team,

 

Can you have a look to this bugzilla case :

https://bugs.squid-cache.org/show_bug.cgi?id=5245

 

it’s about a bug with Squid 5.7 and TLS 1.3.

Critical case created the 2022-10-27 09:59 UTC, it would be nice to have a fix/patch…

 

Thanks in advance.

 

Best regards,

Bye Fred

 

De : squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] De la part de UnveilTech - Support
Envoyé : mardi 25 octobre 2022 18:22
À : squid-users@xxxxxxxxxxxxxxxxxxxxx
Objet : Squid 5: server_cert_fingerprint not working fine...

 

Hello,

 

Here is the part of our squid.conf on Squid 5 :

acl my_cf1_list server_cert_fingerprint '/etc/squid5/CF1.txt'

ssl_bump peek all

ssl_bump terminate my_cf1_list

ssl_bump splice all

...

 

We're not sure about the ssl_bump keys and options to use here, to be honnest we've already spend hours to find the right way to make it working fine.

 

Here are some samples from the CF1.txt file:

# dayznews.biz

FB:EC:F7:AE:F4:BD:F4:85:68:C0:81:65:99:BA:7D:D3:FA:F8:51:74

# cdeveloper.cn

94:0A:C0:53:A0:E9:74:CE:91:12:6E:FD:06:57:08:58:B2:A5:76:10

 

1.       Is the server_cert_fingerprint working correctly or are there any bugs with the v5 ?

2.       Are the ssl_bump options/order correct ?

 

Any tips are welcome, thanks in advance…

 

Best regards,

Bye Fred

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux