Hello Eliezer,
Please be sure to clean up the mimicked cert storage of Squid after changing
the Root CA for sslbump (if you use one).
Best regards,
Rafael
Diladele B.V.
-Original Message-
From: squid-users On Behalf Of
ngtech1...@gmail.com
Sent: Wednesday, June 28, 2023 6:03 PM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] HSTS in browsers summary, help wanted.
Hey Everyone,
I am testing Squid 5.9 and 6.0.3 now and I am trying to understand what might
go wrong in the client side with SSL Bump.
I have a nice setup which works with a mysql DB and it can be recreated with
vagrant in a very simple manner on-top of all EL8 based Distros.
(Alma, Rocky, CentOS, Oracle, RHEL, Fedora).
There are a set of helpers which runs in the background and do the heavy
lifting to make the setup more dynamic.
Since I am using an existing DESKTOP there is HSTS history in the browsers:
- Edge
- Chrome
- Firefox
I have added the Root CA certificate to both Windows trusted root ca's store
and into firefox certificates store.
For many sites like bing... the HSTS warning is popping out.
In edge I can disable HSTS but I don't know how to clean the HSTS cache in Edge
and in other browsers.
Any help would be usefull.
Thanks,
Eliezer
* I will post later on the Vagrant sources.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users