[squid-users] Squid 4.11 Howto create SSL Bump certificates with only 3-12 months date of expiry

info Mon, 29 Jun 2020 08:13:41 -0700

Hi Squid Community,

how can I configure Squid to create SSL Bump Certifications with only 3-12 
months date of expiry?


Currently, Squid SSL bumped Certifications are valid 20 years in my case, way 
too long, as Apple & Google & Mozilla will trust only <1 Year SSL 
certifications in the future.

Thanks for any help!
Schroeffu

my conf:

http_port {{ inventory_hostname }}:{{ squid_port }} ssl-bump 
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB 
cert=/etc/squid/certs/(***).pem key=/etc/squid/certs/(***).pem
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB
always_direct allow all
ssl_bump bump !domains_dont_sslbump

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] Squid 4.11 Howto create SSL Bump certificates with only 3-12 months date of expiry

Reply via email to