Is there a way, not using ssl-bump, on squid to verify the remote server has
the certificate signed by some well-known CA or self-signed? does that
change if the server is running TLS 1.2 or 1.3?
thanks.
George
--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019
On 29/02/20 2:26 am, Andrea Venturoli wrote:
In some corporate environment it might be desiderable to have all
clients use the internal DNS.
This is easily done with firewalls until DNS-over-HTTP comes into play.
How does Squid deals with this?
How to block it?
On 29.02.20 22:19, Amos Jeffries
On 29/02/20 2:35 am, claudiu vasadi wrote:
> Hello list,
>
> I’m currently trying to wrap my head around the concept of using “acl
> name user_cert CN cn” on squid 3.5. What I would like to achieve is a
> setup where the client needs to pass a certificate and squid
> allows/denies access to the in
On 29/02/20 2:26 am, Andrea Venturoli wrote:
> Hello.
>
> In some corporate environment it might be desiderable to have all
> clients use the internal DNS.
> This is easily done with firewalls until DNS-over-HTTP comes into play.
>
> How does Squid deals with this?
DoH is just HTTP messages like
