Hi,
i am using Squid 3.1.15 server, i have enabled ssl-bump and dynamic ssl cert
generation with this line:
http_port 3150 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl_cert/www.example.com.pem
always_direct allow all
ssl_bump allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /var/spool/squid_ssl_db -M 4MB
sslcrtd_children 5
It works fine but i have two minor problems:
1) Internet explorer keeps giving me security questions about invalid
certificates after i have imported my authority (i can see the authority in
intermediate CA tab inside certs), i have installed the same authority in
Firefox and i don't have this problem, how could i fix this?
2) Gmail only works in plain old HTML mode, the standard versions keeps loading
for ever, all other google apps works great and other ssl sites too, only gmail
fails to load the standard version.
Regards,
Miguel Angel.
Received on Fri Sep 16 2011 - 09:28:14 MDT
This archive was generated by hypermail 2.2.0 : Fri Sep 16 2011 - 12:00:03 MDT