The certificate should have *CA:true* set for act a CA for dynamic signing certificates by Squid.
Most probably, Let's Encrypt will ignore this constraint in CSR. 2018-03-05 12:33 GMT-03:00 Chris Adams <[email protected]>: > Once upon a time, Valeri Galtsev <[email protected]> said: > > https://letsencrypt.org/ > > > > - you will have to run web server to have certificate signed by > > them > > Not necessarily - we do most of our Let's Encrypt validation with DNS > rather than HTTP. > -- > Chris Adams <[email protected]> > _______________________________________________ > CentOS mailing list > [email protected] > https://lists.centos.org/mailman/listinfo/centos > _______________________________________________ CentOS mailing list [email protected] https://lists.centos.org/mailman/listinfo/centos
