The certificate should have *CA:true* set for act a CA for dynamic signing certificates by Squid.
Most probably, Let's Encrypt will ignore this constraint in CSR. 2018-03-05 12:33 GMT-03:00 Chris Adams <li...@cmadams.net>: > Once upon a time, Valeri Galtsev <galt...@kicp.uchicago.edu> said: > > https://letsencrypt.org/ > > > > - you will have to run web server to have certificate signed by > > them > > Not necessarily - we do most of our Let's Encrypt validation with DNS > rather than HTTP. > -- > Chris Adams <li...@cmadams.net> > _______________________________________________ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
