I am testing intermediate certificates and I have just created a key and certificate files. The http line for ssl bump is: http_port 23128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=16MB cert=/etc/squid/ssl_cert/cert.pem key=/etc/squid/ssl_cert/key.pem While running squid -kparse I get the next output: 2019/02/24 04:28:03| Using certificate in /etc/squid/ssl_cert/cert.pem 2019/02/24 04:28:03| Using certificate chain in /etc/squid/ssl_cert/cert.pem 2019/02/24 04:28:03| Ignoring non-issuer CA from /etc/squid/ssl_cert/cert.pem: /C=IL/ST=Shomron/O=NgTech LTD/CN=pxaa13a65c.ngtech.co.il ## END OF OUTPUT SNIPPET I have seen the note in the code // checks that the chained certs are actually part of a chain for validating cert at: https://github.com/squid-cache/squid/blob/75aadeb9cc1128bb50adf8fc629d3957e9 a88f2f/src/security/KeyData.cc#L121 I am not sure how to look at this. I am almost sure I did something wrong, maybe when I created the root CA or the intermidate? The actual result is that it works and the connections are being intercepted without errors since the signing rootCA is installed on windows and firefox. Not sure how to look at this log.. Thanks, Eliezer ---- <http://ngtech.co.il/main-en/> Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: <mailto:elie...@ngtech.co.il> elie...@ngtech.co.il
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
