[squid-users] Is there a way on client to show proxy's certificate?

Amos Jeffries squid3 at treenet.co.nz
Mon Dec 23 07:22:14 UTC 2019

On 23/12/19 7:45 pm, GeorgeShen wrote:
> actually doing "openssl s_client -proxy -connect
> <host:port> -showcerts ",
> noticed two of the three certs from that display is from the proxy server I
> think. the first one
> is the modified host cert. maybe that's the way to get proxy server's certs.

You are using SSL-Bump. There is no "proxy cert" in these connections.
There is only client cert (optional) and server cert (possibly modified
by Squid, with CA chain).

What you see there is what exists in the traffic.


More information about the squid-users mailing list