[squid-users] 4.9 https isue...unable import certificate in browser
aw_wolfe
aw_wolfe12 at yahoo.com
Tue Dec 10 11:19:40 UTC 2019
I have squid 4.9 built with https support in which I created a certificate
following tutorial. Squid starts, appears to be running fine. http whitelist
with user groups working....trying to add https support.
copy/paste from example of what I did to create certificate.
openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes -x509 -extensions
v3_ca -keyout myCA.pem -out myCA.pem
certtool --generate-privkey --outfile ca-key.pem
certtool --generate-self-signed --load-privkey ca-key.pem --outfile myCA.pem
openssl x509 -in myCA.pem -outform DER -out myCA.der
1) problem when trying to import myCA.der certificate into firefox: "This is
not a certificate authority certificate, so it can’t be imported into the
certificate authority list"
2) My goal is simply to whitelist sites, I do not have a need to view the
traffic. Is following ssl-bump examples the right/only approach or is easier
way to let the client connect directly, but preventing any connection except
if on the whitelist?
Thanks,
Tony
--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
More information about the squid-users
mailing list