[squid-users] Squid 3.5.24 - Ssl Bump tlsv1 alert unknown ca

Test1964 test1964 at gmail.com
Thu Feb 23 07:51:23 UTC 2017


when using squid in transparent mode and try to access 
https://www.facebook.com from computer all working very well,
but when I try to use Facebook app (on Iphone for example), I'm getting 
this error in cache.log:

Error negotiating SSl connection on FD XX: error:14094418:SSL 
routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (1/0)

and Facebook not working.

I run on Centos 7:

* run update-ca-trust
* yum update ca-certificates
* create the certificate like this:
     openssl req -newkey rsa:4096 -sha512 -days 365 -nodes -x509 -keyout 
myCA.pem -out myCA.pem

Do I need to create the certificate for smartphones  different way?
Do I need to install more ca bundle in Centos?
How to fix this problem without white list this site from ssl bump

Thanks Dan

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170223/3b35978c/attachment.html>

More information about the squid-users mailing list