Re: [squid-users] ssl bump intermediate certificate

2019-11-03 Thread Amos Jeffries
All of the "CA" entries in that purposes list say "No". So this is not a CA certificate, it is an origin server certificate. It can only be used to receive explicit TLS proxy or HTTPS origin server traffic. Amos Sent from my alcatel U5 ___ squid-user

Re: [squid-users] ssl bump intermediate certificate

2019-11-03 Thread Amos Jeffries
All of the "CA" entries in that purposes list say "No". So this is not a CA certificate, it is an origin server certificate. It can only be used to receive explicit TLS proxy or HTTPS origin server traffic. Amos Sent from my alcatel U5 ___ squid-user

Re: [squid-users] ssl bump intermediate certificate

2019-11-03 Thread Marek Greško
Hello, I already tried adding root ca to the pem file int the cert= option. But it had no effect. the squid -k parse seems good point. I got: Ignoring non-issuer CA from /etc/squid/bump-CA/bump-ca.crt If I add the root ca, that one is reported to be added, but still ignoring the bump ca. Why is

Re: [squid-users] ssl bump intermediate certificate

2019-10-31 Thread Amos Jeffries
On 31/10/19 9:49 am, Marek Greško wrote: > Hello, > > Matus, I also found the document. It should be sending the chain, but > is not. When I specify cafile option it responds I shoud use > tls-cafile. But in either case it is not sending. > > Walter, if squid has such requirement, then it is unfi

Re: [squid-users] ssl bump intermediate certificate

2019-10-30 Thread Marek Greško
Hello, Matus, I also found the document. It should be sending the chain, but is not. When I specify cafile option it responds I shoud use tls-cafile. But in either case it is not sending. Walter, if squid has such requirement, then it is unfinished. Every other proxy is able to run its CA as an i

Re: [squid-users] ssl bump intermediate certificate

2019-10-30 Thread Matus UHLAR - fantomas
On 30.10.2019 05:59, Marek Greško wrote: I am trying to configure ssl bumping on squid 4.8 but my browser is not able to validate the certificate due to intermediate certificate missing. How could I convince squid to send it? On 30.10.19 10:11, Walter H. wrote: the ssl-bum certificate is either

Re: [squid-users] ssl bump intermediate certificate

2019-10-30 Thread Walter H.
On 30.10.2019 05:59, Marek Greško wrote: Hello, I am trying to configure ssl bumping on squid 4.8 but my browser is not able to validate the certificate due to intermediate certificate missing. How could I convince squid to send it? Thanks Marek the ssl-bum certificate is either a root certifi

[squid-users] ssl bump intermediate certificate

2019-10-29 Thread Marek Greško
Hello, I am trying to configure ssl bumping on squid 4.8 but my browser is not able to validate the certificate due to intermediate certificate missing. How could I convince squid to send it? Thanks Marek ___ squid-users mailing list squid-users@lists.