Hi,
I'm speaking about Intermediate CA (not root) with squid as client
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-4-and-missing-intermediate-certs-td4684653.html
Not directly related, how you usually update your root CA for squid ?
I'm just using ca-certificate directory from my
squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid 4.5 and intermediate CA
Hi Amos,
Yes it works, and I guess I found where the problem is, this is a
pkix-cert mime type and I wonder, but maybe I'm wrong, that Squid can't
use the file
openssl x509 -inform DER -in myfile
Hi Amos,
Yes it works, and I guess I found where the problem is, this is a
pkix-cert mime type and I wonder, but maybe I'm wrong, that Squid can't
use the file
openssl x509 -inform DER -in myfile shows the CA as text file, after
that I can use the CA file with browser unable to download CA (
On 16/01/19 8:30 pm, FredB wrote:
> Yes it works, my first issue is now resolved
>
> There is a 200 when automatic download occurs, so this part is good
>
> Unfortunately still there is a code 503 at the third request, a specific
> bump configuration is needed ?
>
Have you double-checked that
Yes it works, my first issue is now resolved
There is a 200 when automatic download occurs, so this part is good
Unfortunately still there is a code 503 at the third request, a specific
bump configuration is needed ?
- - - [15/Jan/2019:16:33:43 +0100] "GET
http://cert.int-x3.letsencrypt.org/
On 1/15/19 8:59 AM, FredB wrote:
> I'm testing squid 4.5 and facing two issues with intermediate CA download
>
> At first there is no source IP and I don't know how to allow this kind
> of requests with an identification acl
How about using transaction_initiator ACL to identify requests generate
Now squid can get directly the intermediate CA as a browser does, it's a
very interesting feature to me
Maybe I'm missing something, but I can see the request from squid now
(with squid 4) it's a good point, my sslbump config is very basic,
perhaps to basic cl step at_step SslBump1
ssl_bump
Hi Eliezer
It's just what I'm seeing and it works well, so with fetched_certificate
rule the first point is now fixed
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
704261
Email: <mailto:elie...@ngtech.co.il> elie...@ngtech.co.il
From: squid-users On Behalf Of FredB
Sent: Tuesday, January 15, 2019 17:59
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Squid 4.5 and intermediate CA
Hi all,
I'm testing squid 4.5 and facin
Hi all,
I'm testing squid 4.5 and facing two issues with intermediate CA download
At first there is no source IP and I don't know how to allow this kind
of requests with an identification acl
172.23.0.9 - user2 [15/Jan/2019:16:34:51 +0100] "CONNECT
bugs.squid-cache.org:443 HTTP/1.1" 407 4442
10 matches
Mail list logo
