Ok, finally got the certificate installed properly and can proxy some https
sites (gmail, google) but I get an error when going to a bank website.
NET::ERR_CERT_COMMON_NAME_INVALID
when I created the certificate, I purposefully left the common name blank
as per several articles on ssl_bump. So
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 6/10/2014 4:24 p.m., Robert Watson wrote:
> still trying to get this working. To eliminate the self signed
> certificate issue, I got a official signed certificate from
> Starfield Tech. LLC. They've sent two certifcates but I'm unsure
> how to use
still trying to get this working. To eliminate the self signed certificate
issue, I got a official signed certificate from Starfield Tech. LLC.
They've sent two certifcates but I'm unsure how to use these certificates
since the ssl_bump parameters only have one certificate as a parameter
On Sun,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/05/2014 01:22 PM, Amos Jeffries wrote:
> MSIE 11 seems to be growing in popularity for some reason ;-)
>
> Amos
And Still there is:
http://bugs.squid-cache.org/show_bug.cgi?id=4115
For now I am using ssl_crtd of 3.4.5 for google ssl bump to wo
mailto:rob...@gillecaluim.com>>
Date: Sunday 5 October 2014 02:29
To:
"squid-users@lists.squid-cache.org<mailto:squid-users@lists.squid-cache.org>"
mailto:squid-users@lists.squid-cache.org>>
Subject: [squid-users] transparent proxy https and self signed certificate error
u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 5/10/2014 7:30 p.m., Jason Haar wrote:
> On 05/10/14 18:44, Amos Jeffries wrote:
>> PS. Google with Chrome appear these days to be the champions of
>> unbreakable TLS, their software is continually being updated to
>> use/invent new TLS features t
On 05/10/14 18:44, Amos Jeffries wrote:
> PS. Google with Chrome appear these days to be the champions of
> unbreakable TLS, their software is continually being updated to
> use/invent new TLS features that close loopholes in TLS design which
> allow ssl-bump to take place. What worked last month h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 5/10/2014 1:29 p.m., Robert Watson wrote:
> using squid 3.4.8, compiled from source with ./configure flags
> --enable-icap-client --enable-ssl --enable-ssl-crtd configured
> iptables for transparent proxy (redirect 80 to 3128) and everything
> work
using squid 3.4.8, compiled from source with ./configure flags
--enable-icap-client --enable-ssl --enable-ssl-crtd
configured iptables for transparent proxy (redirect 80 to 3128) and
everything works fine
configured iptables for transparent proxy (redirect 443 to 3127) but can't
get transparent pr
