[squid-users] Why 3.5.0.4 generates mimicked certs with server IP only when bumping?
Amos Jeffries
squid3 at treenet.co.nz
Tue Jan 27 08:45:51 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 27/01/2015 8:16 a.m., Yuri Voinov wrote:
>
> No one ssl_bump combination did not work.
>
> With your config I see only:
>
> 1422299531.482 18722 192.168.100.5 TCP_TUNNEL/200 99418 CONNECT
> 128.121.22.133: 443 - ORIGINAL_DST/128.121.22.133 -
>
> and connection does'nt established.
That is a non-bumped TUNNEL.
If connection is not established for TUNNEL the bug is either in TCP
connecting to the server, or in the TLS/SSL directly between server
and client - Squid is not taking part.
The fact that it is a TUNNEL instead of bumped (MISS) is a separate
issue that others seem not to be having.
>
> No errors - no bump. Certs generated, but strange - without FQDN
> CN's.
>
> 27.01.2015 0:26, Daniel Greenwald пишет:
>> Thank you Amos, I have updated to bump. Working well just the
>> same.. Even chrome doesn't complain for google properties. Very
>> nice.
>
>> ----------- Daniel I Greenwald
>
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJUx1A/AAoJELJo5wb/XPRj5zAH/i2R1ltgmqigDdrrIdAqbvo0
/uwoasnqcwcNBDu7j5rONLy5J+CUDXPelB5rU9lRg5YrjnjbK2mRtN+z+zKzmSjb
jcEc+VWJMWQGFpLcMImJPyUR52h0qum/JF+iCYi9bl8XjX1UTmtm804/oB7sh03C
hKa37CmxYMR1s+4EBjRbIgwGO5dVPiHvmAqPH/CI7O4rO5pddCcyul2yLlvtZPyA
KOlOkcLI89LAGU58HlcGBtiAvvAKt8TrrtlofMUcjKDD5EcHdV8F61p+DSuY1nX2
WJf03dGsSIpZ6esmYwaUA2jiIafpPkr0RcK67nnN9GvB6LzZlRJL4ZyKYIESy1E=
=aMQ1
-----END PGP SIGNATURE-----
More information about the squid-users
mailing list