[squid-users] Enable SSL bump
Mustafa Mohammad
mustafamohammad92 at gmail.com
Tue Jan 24 02:38:11 UTC 2017
By regression...I mean our QA testing server. Let me explain this in
detail: I have a squid proxy running which is needed to connect to the
server so we can get back if the transaction was approved or not. It is a
point of sale application that send transaction data to the server to
receive response about the transaction and that's when the problem is
occurring when It is trying to communicate to that server. I received some
help and I think ssl splice and ssl peek might work but I don't know how to
use them. I don't the rules to apply in this situation.
On Mon, Jan 23, 2017 at 7:35 PM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> [ Please reply to the list, not to me personally. ]
>
> On 24/01/2017 11:54 a.m., Mustafa Mohammad wrote:
> > I'm using 3.5.23 version. My problem is that I'm trying to hit our
> > regression server and after doing research, I found that SSL bump might
> > work for me but I'm not sure.
>
> We (the squid-users list people) can probably answer that. But will need
> to know a bit more details about what exactly your situation is.
>
> I have been assuming that by "regression" you actually mean "legacy
> server" - as in; 'a server running old software'. Is that correct?
>
> If so, then the CRL check failing usually means that the CA who issued
> that certificate has formally published an advisory (CRL) indicating
> that certificate as invalid and must never be used again. Why can't you
> just change the cert?
>
>
> > When my config file is not doing a crl check,
> > I was able to hit the server but I can't hit the server if my crlcheck is
> > set to yes. I'm very new to squid.
>
> Okay. Sounds like you just need to disable the some checks. But lets put
> that aside until its clear whether Squid is the right solution for your
> need.
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170123/4cc369b4/attachment.html>
More information about the squid-users
mailing list