On 6/02/19 10:10 pm, Yann Girardin wrote: > > Is there a way to activate this AIA fetching in squid or do i have to
Fetching missing intermediate CA certificates is implemented in Squid-4. All you need do is check that your access controls permit those requests to happen. If you have Squid-3.5 the <http://www.squid-cache.org/Doc/config/sslproxy_foreign_intermediate_certs/> directive can load intermediate certs to use for the missing cert chain entries. > implement it myself using a helper with the sslcrtvalidator_program ? > That is also possible. PS. AIA fetching requires the certificate AIA to have a value. Some of these misconfigurations are because it is missing. In that case there is nothing that can be done to resolve the error without already having the relevant Issuer cert. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
