Thank you Alex.
>Sounds good. Does the generated fake certificate contain the right origin
server name?
Sid: Yes, It does contain correct IP Address in Server name sent by client.
>Why do you expect the client to send a client certificate to Squid? In most
deployments, TLS servers do not
On 31/10/18 11:27 PM, uppsalanet wrote:
> Hi Amos,
> Is there a git that I can use to push stuff up?
>
Do you mean to make a change PR against the official code?
The key details for people wanting to assist with Squid development are
linked from here:
On 1/11/18 4:08 AM, Uchenna Nebedum wrote:
> Thanks a lot Amos, I really didn't notice I had been sending private
> emails, Really sorry about that.
>
> About the config, The proxy works fine now, it bumps the traffic
> successfully.
> I've added the sites i want to be bumped but the browser
On 10/30/18 10:59 PM, Sid wrote:
> Sid: I took wireshark on Squid server (centOS 7); I took 2 wiresharks
> between Client & Squid and then between Squid & Server. I can see client
> being sent fake cert generated by Squid & client responds with "Client key
> Exchange", "Change cipher spec",
On 10/31/18 11:20 AM, Arunabha Saha wrote:
>>As with any timeout, it is impossible to say in general which side of
>>the connection is at fault. This case has at least three sides: It could
>>be the HTTP agent, Squid, and/or the ICAP service. Did one of them stall
>>the transaction? Or was the
Hello Samuel,
Yes will make the Docker when 7.0 is in beta stage, now we need to polish it a
little.
Added issue at https://github.com/diladele/websafety-issues/issues/1030
Best regards,
Rafael Akchurin
Diladele B.V.
From: squid-users On Behalf Of S
Irlapati
Sent: Wednesday, 31 October 2018
Is it possible to make a docker image for this?
On 10/31/18 12:23 PM, Rafael Akchurin wrote:
Greeting all,
The online repository with latest Squid 4.4 (rebuilt from Debian
unstable with sslbump support) for Ubuntu 18 LTS 64-bit is available
at squid44.diladele.com. Github repo at
Greeting all,
The online repository with latest Squid 4.4 (rebuilt from Debian unstable with
sslbump support) for Ubuntu 18 LTS 64-bit is available at squid44.diladele.com.
Github repo at https://github.com/diladele/squid-ubuntu contains the scripts we
used to make this compilation.
Hope you
>As with any timeout, it is impossible to say in general which side of
>the connection is at fault. This case has at least three sides: It could
>be the HTTP agent, Squid, and/or the ICAP service. Did one of them stall
>the transaction? Or was the ICAP service just too impatient? See option
>#4
Thanks a lot Amos, I really didn't notice I had been sending private
emails, Really sorry about that.
About the config, The proxy works fine now, it bumps the traffic
successfully.
I've added the sites i want to be bumped but the browser errors thrown are
too much, and it's a scenario where I
When there is an issue with a certificate, it is good practice to go to ssllabs
to verify what is going on.
https://www.ssllabs.com/ssltest/analyze.html?d=i.bps%2dsberbank.by=on
shows that there is an incomplete certificate chain issue (in orange) which
means that the server of the bank does
I do not use bump or splice if that is what you mean. I do not import
certificates.. it works without proxy.
-Original Message-
From: squid-users On Behalf Of
Matus UHLAR - fantomas
Sent: Wednesday, October 31, 2018 5:46 PM
To: squid-users@lists.squid-cache.org
Subject: Re:
On 31.10.18 17:41, Vacheslav wrote:
2018-10-31 17:34:45 [4270] TLSv1.2 certificate for i.bps-sberbank.by:443:
UNRECOGNISED ISSUER (maybe a certificate chain issue) *
2018-10-31 17:34:45 [4270]issuer: /C=US/O=DigiCert
Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018
does your system
Peace,
Here is the log ufdbguard:
2018-10-31 17:34:45 [4270] TLSv1.2 certificate for i.bps-sberbank.by:443:
UNRECOGNISED ISSUER (maybe a certificate chain issue) *
2018-10-31 17:34:45 [4270]issuer: /C=US/O=DigiCert
Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018
2018-10-31 17:34:45
Hi Amos,
Is there a git that I can use to push stuff up?
I think you need to split the string in an other way, look into this
example:
#!/usr/bin/perl
use strict;
use warnings;
$|=1;
while (<>) {
my $string = $_;
print "Received '\$_' = ".$_."\n";
$string =~
15 matches
Mail list logo