[squid-users] Squid Version 3.5.20 Any Ideas

Walter H. Walter.H at mathemainzel.info
Wed Jul 19 17:30:36 UTC 2017 

Hello,

this seems not to be the problem, as the error messages are in 
cache.log, which is not a browser problem ...

the question: are the SSL bumped sites in intranet, which use a self 
signed CA cert itself, which squid doesn't know?

On 19.07.2017 17:36, Yuri wrote:
>
> http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
>
> http://i.imgur.com/A153C7A.png
>
>
> 19.07.2017 21:34, Cherukuri, Naresh пишет:
>>
>> Hi All,
>>
>> I installed Squid version 3.5.20 on RHEL 7 and generated self-signed 
>> CA certificates,  My users are complaining about certificate errors. 
>> When I looked at cache.log I see so many error messages like below. 
>> Below is my squid.conf file. Any ideas how to address below errors.
>>
>>

>> Cache.log
>>
>> 2017/07/18 16:05:34 kid1| Error negotiating SSL connection on FD 689: 
>> error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate 
>> unknown (1/0)
>>
>> 2017/07/18 16:05:34 kid1| Error negotiating SSL connection on FD 
>> 1114: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert 
>> certificate unknown (1/0)
>>
>> 2017/07/18 16:05:37 kid1| Error negotiating SSL connection on FD 146: 
>> error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate 
>> unknown (1/0)
>>
>> 2017/07/18 16:05:41 kid1| Error negotiating SSL connection on FD 252: 
>> error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate 
>> unknown (1/0)
>>
>> 2017/07/18 16:05:41 kid1| Error negotiating SSL connection on FD 36: 
>> error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate 
>> unknown (1/0)
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170719/35518248/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3491 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170719/35518248/attachment.bin>

More information about the squid-users mailing list