[squid-users] squid sslbump and certificates

Rafael Akchurin rafael.akchurin at diladele.com
Mon May 29 12:41:14 UTC 2017


Hello Vieri,

This article tries to explain why it happens.
https://docs.diladele.com/faq/squid/fix_unable_to_get_issuer_cert_locally.html#ssl-certificate-test-tool-in-web-safety-5

To fix it - better use what Yuri recommended in http://squid-web-proxy-cache.1019090.n4.nabble.com/Howto-fix-X509-V-ERR-UNABLE-TO-GET-ISSUER-CERT-LOCALLY-Squid-error-td4682015.html

Raf

-----Original Message-----
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Vieri
Sent: Monday, May 29, 2017 2:36 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] squid sslbump and certificates

Hi,

When a client browser gets the Squid error page as shown below, what does it mean?
Does it mean that Squid doesn't trust the CA mentioned below?
If I wanted to allow the connection anyway, what options would I have?


The system returned:

(71) Protocol error (TLS code: X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)

SSL Certficate error: certificate issuer (CA) not known: /C=US/O=GeoTrust, Inc./OU=Domain Validated SSL/CN=Secure Site Starter DV SSL CA - G2


Thanks,

Vieri
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users


More information about the squid-users mailing list