[squid-users] how to configure squid to check server certificate?

Amos Jeffries squid3 at treenet.co.nz
Sun Mar 1 09:18:19 UTC 2020

On 1/03/20 3:57 pm, GeorgeShen wrote:
> Is there a way, not using ssl-bump, on squid to verify the remote server has
> the certificate signed by some well-known CA or self-signed?

What are you trying to do exactly?

All root CAs are self-signed, even the "well-known" ones. It is just a
matter of who did the self-sign.

So the answer you need may be one of several things - which may not even
involve cert inspection.

> does that
> change if the server is running TLS 1.2 or 1.3?



More information about the squid-users mailing list