Is it possible to use ssl_bump on my Squid server 3.5.23 if my parent cache
(cache_peer) does not use ssl_bump (not configured)?

# When I try to access an https:// URL
# With this setting:

http_port 127.0.0.1:3129 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem
sslproxy_options NO_SSLv2,NO_SSLv3,SINGLE_DH_USE
ssl_bump none localhost
ssl_bump server-first all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow all

# Cache.log reports this error:
assertion failed: PeerConnector.cc:116: "peer->use_ssl"

# With this setting:
http_port 127.0.0.1:3129 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myCA.pem
sslproxy_options NO_SSLv2,NO_SSLv3,SINGLE_DH_USE
ssl_bump none localhost
ssl_bump bump all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow all

# The browser designates that the connection is not private:
NET::ERR_CERT_AUTHORITY_INVALID

Is it necessary for the cache_peer to be compiled with --enable-ssl-crtd and
--with-openssl and configured with ssl_bump to be able to use ssl_bump on my
Squid child server? Or is there a way to configure ssl_bump on the child only,
even if the parent does not?

Please help.

