[squid-users] Squid 5: server_cert_fingerprint not working fine...
Amos Jeffries
squid3 at treenet.co.nz
Sat Nov 19 15:58:32 UTC 2022
On 20/11/2022 2:43 am, UnveilTech - Support wrote:
> Hi Amos,
>
> Quick update...
> A 10 lines PHP helper is able to catch the SHA1 key with a basis "openssl_x509_fingerprint" function when Squid, a 1 million lines product, could not be able ?
The question-conclusion you have reached is ridiculous...
PHP is not just the script itself (that is more akin to *only* the
squid.conf lines you configured) - it is likely also the Zend engine
and/or Apache as well.
To compare against the entirely of Squid you would have to compare
against all their Lines-of-Code, developer teams sizes and funding.
Against which a) Squid falls far short, and b) most said lines of code
have nothing to do with your TLS problem.
> Samples from the helper:
> apple.com tls1.3, SHA1: "7B:B1:94:4F:56:5D:7D:64:A1:45:5C:91:E5:BA:0C:EA:D9:FB:91:50"
> xforce-cracks.com tls1.3, SHA1: "31:3E:E1:3D:FD:B1:0A:C0:CA:AF:30:47:0A:BA:A1:49:D4:08:42:2A"
>
> I'm sure the Squid team can do better than a PHP function 😊
What does said script to *exactly* ?
Cheers
Amos
More information about the squid-users
mailing list