> Because you use client-first bumping on intercepted traffic. > The only details Squid has at that point are the IP address and port the > clients ws connecting to. > > You need server-first bumping to contact the server and find out what > domain(s) its certificate indicate.
Thank you for your anwser, when i change it to ssl-server-first mode this error appears: "FATAL: unknown ssl_bump mode: ssl-server-first". Should i apply this patch: http://www.squid-cache.org/mail-archive/squid-dev/201207/att-0144/BumpSslServerFirst-t11-Amos-requests-part.patch or is there another workaround? i run squid 3.3.9. Thanks!
