hone
>
Hello again,
still same error...
Comlete debug output of "squid -X" is here:
https://gist.github.com/samuraiii/839151ae083872d3fd2be650df004e0c
These flagsare from my distro, I cant influence it directly, only
through few "use flags", which represent some functionalit
On 24.8.2016 16:39, Diogenes S. Jesus wrote:
> Oh, an a tiny little detail :)
>
> # squid -v
>
> Squid Cache: Version 4.0.13
>
> Service Name: squid
>
> configure options: '--with-openssl' '--prefix=/usr'
> '--localstatedir=/var' '--libexecdir=/lib/squid'
> '--datadir=/share/squid' '--sysconfdir=
>
> > No SSL-bumping or whatever just forwarding.
> Firstly, the concept is not safe. Users will have a secure connection
> to the proxy - as well as the next? HTTP? User misled green padlock,
> believes all secure connection - as external traffic is not encrypted
> after the fact. Second. Y
> look to the browser
>
> > like HTTPS ones.
> Then I do not understand what he wants op.
>
>
>
http://wiki.squid-cache.org/Features/HTTPS#Encrypted_browser-Squid_connection
Secure connection to squid proxy without need for anything else (on
client side) than configuring proxy in bro
On 24.8.2016 14:24, Antony Stone wrote:
> On Wednesday 24 August 2016 at 14:22:18, Samuraiii wrote:
>
>> On 24.8.2016 14:18, Yuri Voinov wrote:
>>> No one CA do not issue signing CA for subject, which is not CA itself.
>>>
>>> So, op wants impossible thing.
On 24.8.2016 14:18, Yuri Voinov wrote:
>
> No one CA do not issue signing CA for subject, which is not CA itself.
>
> So, op wants impossible thing.
>
I have tried to drop clientca option, to add generate-host-certificates=off
but outcome is still same error...
even with just this as config:
http
> Please give more details for "fails".
>
> Is the following your entire squid.conf (except for comments)?
>
> Have you tried getting SSL access to Squid working before introducing
> authentication?
>
> What are you trying, to test this, and what are the results?
>
>
> Regards,
>
>
> Antony.
Firs
On 24.8.2016 13:18, Antony Stone wrote:
> Unfortunately it's not Squid that's the challenge - it's the browser.
>
> If you're using Firefox and/or Chrome, you should be okay.
>
> See "Encrypted browser-Squid connection" at the bottom of
> http://wiki.squid-cache.org/Features/HTTPS
>
>
> Antony.
>
I
Hello,
I am trying to setup squid as SSL protected proxy for few users without
any intention to use ssl-bumping or any other MITM technique.
I just want to have SSL secured connection between browser and proxy.
Proxy will not be "transparent" and will be using PAC file for
configuration and PAM for
