[squid-users] TLS: 1st time w/intermediate cert: not working; ideas on what I'm doing wrong?
Yuri
yvoinov at gmail.com
Thu Sep 7 21:49:37 UTC 2017
08.09.2017 3:46, L A Walsh пишет:
> Yuri wrote:
>> Ooooops,
>>
>> miss end of message :)
>>
> ---
> I did search first! ;^)
>
>
>
>> Check all CA's chain. It is possible your root CA's bundle not complete.
>>
> ---
> Likely problem...
>
>
>> I usually use root CA's from Mozilla (added to squid.conf as one file)
>> and own self-supported intermediate CA's list (file).
>>
> ----
> How often do they update? I.e. should I set up a cron job to download
> and concatenate the CA's? Is there a preferred D/L URL?
I added to cron once per month update. Script (specific to my setups) to
update and reconfigure squid.
I use this URL:
https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt
>
>
>
>
>
>> But in addition I'm using Squid 5.x with working cert's downloader ;)
>>
> ----
> :^/ --- hmmm.... and I'm not even running 4.x... *ouch*...
>
> Is that going to be backported to 3.x? Isn't 4.x the beta/devel version,
> or is it 4.x=beta and 5.x=devel?
>
>
> Tnx!
> -l
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170908/fdb571b2/attachment.sig>
More information about the squid-users
mailing list