Added
Symantec Class 3 Secure Server CA - G4
VeriSign Class 3 Public Primary Certification Authority - G5
Same issue :=(
-Message d'origine-
De : Yuri Voinov [mailto:yvoi...@gmail.com]
Envoyé : vendredi 28 avril 2017 19:31
À : Rafael Akchurin ; David Touzeau
; squid-users@lists.squid
Raf,
intermediate CAs required anyway. Not all good good webmasters - just a
focus of the world's Good - add intermediate certificates to the chain. ;-)
Evil proxy administrators - the focus of the world's Evil - must do this
manually. Still :-D
28.04.2017 22:00, Rafael Akchurin пишет:
> Hello D
Hello David and all,
According to
https://www.ssllabs.com/ssltest/analyze.html?d=www.boutique.afnor.org&hideResults=on
you do not need to add any intermediate certificates to system storage - site
seems to be sending the whole chain as it should...
BUT the overall site SSL rating is so bad..
Have you tried the CA bundle here:
https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt
referenced in the config with:
sslproxy_cafile /etc/squid/ca-bundle.crt
This fixed a lot of the cert errors I experienced. oli...@lennox-it.uk
lennox-it.uk
tel: 07900 648 252
From: Da
Hello,
with by-itself i mean the squid-cache and/or the host-machine, neither of
them is able to resolve internet hostnames, our dns is just internal. Only
the parent proxy from the Network provider is able to resolve internet
names. So i just want all my request beeing forwarwed without name
reso
On Friday 28 April 2017 at 11:14:16, David Touzeau wrote:
> I'm fighting to find the correct certificate chain for this website:
> https://www.boutique.afnor.org
$ openssl s_client -host www.boutique.afnor.org -port 443 -prexit -showcerts
CONNECTED(0003)
depth=2 C = US, O = "VeriSign, Inc.",
I'm fighting to find the correct certificate chain for this website:
https://www.boutique.afnor.org
I have also added all certificates included in this package:
https://packages.debian.org/fr/sid/ca-certificates
Do you have any tips to help ?
Best regards
-Message d'origine-
De : Yuri
W dniu 28.04.2017 o 11:00, mbaltruschat pisze:
Hello everybody,
i am trying to migrate my old squid 2.7 to 3.5 and are getting stuck, the
new proxy is very slow, requests need very long until they open, i guess ist
a name resolution problem, because the proxy cant resolve internet domain
names b
Hello everybody,
i am trying to migrate my old squid 2.7 to 3.5 and are getting stuck, the
new proxy is very slow, requests need very long until they open, i guess ist
a name resolution problem, because the proxy cant resolve internet domain
names by itself, the name resolution is done by the pare
