[squid-users] Incomplete Certificate Chain for wiki.squid-cache.org
Dieter Bloms
squid.org at bloms.de
Thu Jan 14 13:26:26 UTC 2021
Hello Amos,
On Thu, Jan 14, Amos Jeffries wrote:
> On 13/01/21 11:27 pm, Dieter Bloms wrote:
> > Hello,
> >
> > the wiki of squid cache project (wiki.squid-cache.org) has an incomplete
> > certificate chain.
> > I can't access the website with enabled sslbump and tlsv1.3 support,
> > because squid isn't able to download the missing intermediate
> > certificate on its own.
>
> What version of Squid are you using?
we use squid 4.13 and it works for tls version <1.3
> These certificates generated by LetsEncrypt use the AIA mechanism which
> latest Squid versions should be downloading intermediate certs as-needed.
but for tls1.3 it doesn't work, because the certificate is encrypted.
Please have a look at the bugreport https://bugs.squid-cache.org/show_bug.cgi?id=5067
--
Gruß
Dieter
--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
From field.
More information about the squid-users
mailing list