Re: [squid-users] Using dont_verify_peer

2016-04-28 Thread Yuri Voinov
For the future: using SSL Bump is dangerous enough in itself, so the fewer exceptions of all kinds there are, the better. 29.04.16 2:56, Rafael Akchurin wrote: > > Hello Bruce, > > > > According to https://www.ssllabs.com/ssltest/analyze.html?d=agenti

Re: [squid-users] Using dont_verify_peer

2016-04-28 Thread Yuri Voinov
With intermediate certificates it is better to use sslproxy_foreign_intermediate_certs, for many reasons: 1. sslproxy_foreign_intermediate_certs are not treated as trusted root CAs. They are only used to complete the certificate chain. 2. Intermediate CA's most o

Re: [squid-users] Using dont_verify_peer

2016-04-28 Thread Rafael Akchurin
Hello Bruce, According to https://www.ssllabs.com/ssltest/analyze.html?d=agentimediaservices.com the server does not send the whole chain of certificates and imho squid cannot automatically download the intermediate certificates like browsers do. You need to manually add them to the store. Cur

[squid-users] Using dont_verify_peer

2016-04-28 Thread Markey, Bruce
I didn't really get an answer previously so I did some research and now I'm not quite sure what to do. Problem is I'm getting a lot of these: The following error was encountered while trying to retrieve the URL: https://*.agentimediaservices.com/* Failed