[squid-users] squid sslbump and certificates

Rafael Akchurin rafael.akchurin at diladele.com
Mon May 29 12:41:14 UTC 2017

Hello Vieri,

This article tries to explain why it happens.

To fix it - better use what Yuri recommended in http://squid-web-proxy-cache.1019090.n4.nabble.com/Howto-fix-X509-V-ERR-UNABLE-TO-GET-ISSUER-CERT-LOCALLY-Squid-error-td4682015.html


-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Vieri
Sent: Monday, May 29, 2017 2:36 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] squid sslbump and certificates


When a client browser gets the Squid error page as shown below, what does it mean?
Does it mean that Squid doesn't trust the CA mentioned below?
If I wanted to allow the connection anyway, what options would I have?

The system returned:

(71) Protocol error (TLS code: X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)

SSL Certficate error: certificate issuer (CA) not known: /C=US/O=GeoTrust, Inc./OU=Domain Validated SSL/CN=Secure Site Starter DV SSL CA - G2


squid-users mailing list
squid-users at lists.squid-cache.org

More information about the squid-users mailing list