Hi Tom, Did you saw the thread “ssl_bump peek in squid-3.5.3” from James Lay ? Maybe can help
Josep De: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] En nombre de Tom Harris Enviado el: lunes, 27 de abril de 2015 23:09 Para: squid-users@lists.squid-cache.org Asunto: [squid-users] How are others handling missing intermediate certificates? In SSL bump mode, I find I am hitting sites with incomplete certificate chains fairly often. When accessed directly, browsers will work it out - I guess by downloading the missing CA certs. I know I can load the intermediate CA certs in my system DB as I encounter the issues. But, I'm wondering if others have more proactive solutions. Is there a list of commonly encountered certs, maybe just a subset like the top tier CAs? Or, is this being addressed in code making squid behave like browsers do?
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
