On 2024-04-17 09:07, Rauch, Mario wrote:
We are receiving following errors when clients
want to connect to specific website using ssl bump feature and self
signed certificate:
2024/04/17 14:55:15 kid1| ERROR: failure while accepting a TLS
connection on conn275 local=185.229.91.169:3128
remote=81.217.86.125:63673 FD 16 flags=1:
SQUID_TLS_ERR_ACCEPT+TLS_LIB_ERR=A000418+TLS_IO_ERR=1
Does somebody know what the problem could be?
$ openssl errstr A000418
error:0A000418:SSL routines::tlsv1 alert unknown ca
Looks like the client does not trust Squid certificate and tells Squid
about that lack of trust via a TLS alert. Did you configure the client
to trust the certificate your Squid is using for bumping client connections?
HTH,
Alex.
With old Squid 3.5 it worked with almost same config and certificate.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
