Search squid archive

Re: Use squid to disable outdated security certificate warning?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/10/23 7:19 PM, Peter Hucker wrote:
Somebody mentioned if Boinc accesses the internet through a proxy (and I already have it going through squid to cache data) I can get the proxy to disable this. Is this possible and how?

As Amos said, it depends.

I would assume that you could use something like Squid's TLS intercepting capability to present current certificates from a locally trusted root CA to the Boinc client.

I think the biggest hurtle will be getting Squid to accept expired certificates from upstream servers and / or expired root certificates needed by upstream servers. Maybe there are some knobs that can be twiddled to allow this.

There might be other ways to address this. This starts to get into black hat TLS busting methodology, but for what seems to be a white hat reason.



--
Grant. . . .
unix || die

<<attachment: smime.p7s>>

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux