[squid-users] Why 3.5.0.4 generates mimicked certs with server IP only when bumping?
Yuri Voinov
yvoinov at gmail.com
Mon Jan 26 19:02:33 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
With this:
acl step2 at_step SslBump2
acl step3 at_step SslBump3
ssl_bump peek step2 all
ssl_bump bump step3 all
it does'nt produce errors, but also doesn't bump.
No mimicked certificates created. No one.
Yep, permissions are ok. Yep, owner is ok. Yep, another configuration ok. :)
What else?
27.01.2015 0:26, Daniel Greenwald пишет:
> Thank you Amos, I have updated to bump. Working well just the same..
> Even chrome doesn't complain for google properties. Very nice.
>
> -----------
> Daniel I Greenwald
>
>
>
> On Mon, Jan 26, 2015 at 12:35 PM, Yuri Voinov <yvoinov at gmail.com
<mailto:yvoinov at gmail.com>> wrote:
>
>
> It's mistype. :)
>
> Of course, I mean
>
> acl net_bump src 192.168.101.0/24 <http://192.168.101.0/24>
>
>
> Yep, sure - when I change "all" to another ACL - row bungled.
>
>
> 26.01.2015 23:33, Amos Jeffries пишет:
> > On 27/01/2015 5:37 a.m., Yuri Voinov wrote:
> >>
> >> I'm not about it.
> >>
> >> server-first keyword deprecated in 3.5.x.
> >>
> >> AFAIK, keywork "bump" now has yet another meaningful.
> >>
> >> And also: in your example can only use acl "all". Any other ACL's
> >> leading "Bungled config line" error.
> >>
> >> I.e, for example,
> >>
> >> acl net_bump acl net_bump src 192.168.101.0/24
<http://192.168.101.0/24>
>
> > You sure the bungled is not about the previous line?
>
> > "acl net_bump acl ..." no such ACL type as "acl".
>
>
> >> ssl_bump peek step1 net_bump
> >> ssl_bump server-first step2 net_bump
> >>
>
> > And yes you are right that is deprecated. It should be "bump" as the
> action.
>
> > Amos
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
<mailto:squid-users at lists.squid-cache.org>
> > http://lists.squid-cache.org/listinfo/squid-users
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
<mailto:squid-users at lists.squid-cache.org>
> http://lists.squid-cache.org/listinfo/squid-users
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBAgAGBQJUxo9IAAoJENNXIZxhPexGJ7wH/2ZBWWu+JKFu3tFTIbTXLro7
qkokUD+zSuP4ThaViBem7asf7SNGN8tshDOtI6+WAIE93TszGcjZQ4sGWbQp/mmN
L9OlEjxrBgbNOCV7aLdwHcBeoOS6PktXYaFIm7dGoXmyzFyf560WkBEUa1RtRDJ0
/OKkHvBQPWHXzhvTVJVtC2HMFx6MJ682jTTMRsY/6Y/ymC6Mcbjdvdz/qOjcNqnq
vAssvdVEL3v7CoIWuBEEq/cjh6m0Z6bHOxCBJfSQWj7E9UceY5KaDRUy+PwIQe4X
koqjtJRwwu8+KoXM6hGAl5Qntglb7aVnooaymcVBDYv+/h46uED0Lo5hi1bvnGE=
=pYeI
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150127/3ed65dc3/attachment-0001.html>
More information about the squid-users
mailing list