[squid-users] SSL3_READ_BYTES:sslv3 alert certificate unknown
Amos Jeffries
squid3 at treenet.co.nz
Wed Oct 28 10:47:50 UTC 2015
On 28/10/2015 11:35 p.m., Yuri Voinov wrote:
> Hi gents.
>
> I think, all of you who use Bump, seen much this messages in your
> cache.log.
>
> SSL3_READ_BYTES:sslv3 alert certificate unknown
>
> AFAIK, no way to identify which CA is absent in your setup.
>
> I propose to consider the following questions: how do properly support
> SSL proxy, if you can not identify the problem certificates? Telepaths
> sunbathing in Bali. The procedure, which currently can not quickly and
> in any way to effectively determine such a certificate.
>
> At the moment, the situation is as follows. SSL library - a thing in
> itself, it runs by itself and does not write any logs. Squid - itself
> and any useful information on the library does not receive but obscure
> diagnostic messages. The possibility in any way specify the SSL library
> diagnostic messages we have, and, as I understand it, will not.
>
> So, any ideas?
Make sure Squid is sending the whole CA chain to the remote end?
Amos
More information about the squid-users
mailing list