On 1/11/2013 5:11 p.m., Lennert Rienau wrote:
Hi,
i want squid to create dynamic ssl certificates in intercept mode, which works,
but squid uses ip-addresses for the certificates of the site, not the host name.
Does anybody know why this happens?
Because you use client-first bumping on
Because you use client-first bumping on intercepted traffic.
The only details Squid has at that point are the IP address and port the
clients ws connecting to.
You need server-first bumping to contact the server and find out what
domain(s) its certificate indicate.
Thank you for your
On 11/01/2013 08:34 AM, Lennert Rienau wrote:
Because you use client-first bumping on intercepted traffic.
The only details Squid has at that point are the IP address and port the
clients ws connecting to.
You need server-first bumping to contact the server and find out what
domain(s) its
On Mar 14, 2013, at 7:22 AM, Hasanen AL-Bana hasa...@gmail.com wrote:
Hi,
I have successfully installed squid 3.3 compiled with ssl support
Interception SSL traffic is working fine with browsers loaded with my
self created .DER file.
But without it , I keep getting browser warningings ,
On Mar 14, 2013, at 9:23 AM, Hasanen AL-Bana hasa...@gmail.com wrote:
I thought Squid can fetch the original certificate for a website and pass it
to the browser instead of the one created by me,
Isn't that how dynamic ssl generation should work ?
No, there are two parts for the asymmetric
Thank you Guy for your clarification,
So you are saying that the only way to achieve squid https
interception is to force users to upload our squid certificate to
their browser, or they will have to deal with the browser warnings
On Thu, Mar 14, 2013 at 5:29 PM, Guy Helmer
2013 18:54
À : Guy Helmer
Cc : squid-users@squid-cache.org
Objet : Re: [squid-users] Dynamic SSL
Thank you Guy for your clarification,
So you are saying that the only way to achieve squid https interception is to
force users to upload our squid certificate to their browser, or they will have
On 25/11/2012 6:57 a.m., Aleksandr Tatarinov wrote:
I am trying to get SSL bumping to work on my CentOS system.
I am using these options in my squid.conf
http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/myCA.pem
On Apr 26, 2012, at 1:12 AM, Ahmed Talha Khan wrote:
Hey All,
I am trying to use the dynamic SSL certificate generation in 3.3. My
squid setup is an interception proxy setup. So dynamic generation in
interception is only possible after bump-server first available in
3.3.
I have added
I was able to get it working in 3.1.12.1 as well.
-Original Message-
From: Will Metcalf [mailto:william.metc...@gmail.com]
Sent: Tuesday, May 03, 2011 7:51 PM
To: Amos Jeffries
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] dynamic SSL cert generation
This daily build worked
On Tue, 3 May 2011 12:13:14 -0700, Mark Bassett wrote:
http://wiki.squid-cache.org/Features/DynamicSslCert
Which version of squid actually has this code in it? I have tried
squid-3.1.12 and squid-3.2.0.7 (I was not able to get 3.2 to compile
cleanly)
Squid-3.1.12 does not accept these
This daily build worked for me..
wget http://www.squid-cache.org/Versions/v3/3.HEAD/squid-3.HEAD-20110429.tar.gz
Regards,
Will
On Tue, May 3, 2011 at 5:55 PM, Amos Jeffries squ...@treenet.co.nz wrote:
On Tue, 3 May 2011 12:13:14 -0700, Mark Bassett wrote:
12 matches
Mail list logo