[squid-users] Fwd: Problem with sha1 certs and bump server first

startrekfan startrekfan75 at freenet.de
Fri Jan 22 00:00:37 UTC 2016


Hi,

I have some small problems:

1.) Squid generates dynamic certificates with the sha1 algorithm. Is this
just a configuration issue or do I have to update to squid 3.5 to fix this?
(When I upgrade: Do I still have to change the config?)

2.) When I use bump server-first squid doesn't check for wrong hostnames
itselfs. Does squid provides enough infos so that any browser can detect
the wrong hostname by itself or is client-first a more secure option?

Thank you for your answer and time.

Ps: Squid is a great proxy. Works very well for my needs. I like it :)

<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Diese
E-Mail wurde von einem virenfreien Computer gesendet, der von Avast
geschützt wird.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DDB4FAA8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160122/6f533829/attachment.html>


More information about the squid-users mailing list