Re: [squid-users] Squid Version 3.5.20 Any Ideas

Wed, 19 Jul 2017 11:15:37 -0700 

This simple seems op does not installed proxy CA's public in clients. No
more.

And errors in cache.log (as well as client complaints) are unambiguously
shown.

All other ideas are your nonsense.


19.07.2017 23:30, Walter H. пишет:
> Hello,
>
> this seems not to be the problem, as the error messages are in
> cache.log, which is not a browser problem ...
>
> the question: are the SSL bumped sites in intranet, which use a self
> signed CA cert itself, which squid doesn't know?
>
> On 19.07.2017 17:36, Yuri wrote:
>>
>> http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
>>
>> http://i.imgur.com/A153C7A.png
>>
>>
>> 19.07.2017 21:34, Cherukuri, Naresh пишет:
>>>
>>> Hi All,
>>>
>>>  
>>>
>>> I installed Squid version 3.5.20 on RHEL 7 and generated self-signed
>>> CA certificates,  My users are complaining about certificate errors.
>>> When I looked at cache.log I see so many error messages like below.
>>> Below is my squid.conf file. Any ideas how to address below errors.
>>>
>>>
>
>>> Cache.log
>>>
>>>  
>>>
>>> 2017/07/18 16:05:34 kid1| Error negotiating SSL connection on FD
>>> 689: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
>>> certificate unknown (1/0)
>>>
>>> 2017/07/18 16:05:34 kid1| Error negotiating SSL connection on FD
>>> 1114: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
>>> certificate unknown (1/0)
>>>
>>> 2017/07/18 16:05:37 kid1| Error negotiating SSL connection on FD
>>> 146: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
>>> certificate unknown (1/0)
>>>
>>> 2017/07/18 16:05:41 kid1| Error negotiating SSL connection on FD
>>> 252: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
>>> certificate unknown (1/0)
>>>
>>> 2017/07/18 16:05:41 kid1| Error negotiating SSL connection on FD 36:
>>> error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate
>>> unknown (1/0)
>>>
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Reply via email to