[squid-users] Squid 6.8 SSL_BUMP TLS Error
Alex Rousskov
rousskov at measurement-factory.com
Wed Apr 17 17:52:36 UTC 2024
On 2024-04-17 09:07, Rauch, Mario wrote:
> We are receiving following errors when clients
> want to connect to specific website using ssl bump feature and self
> signed certificate:
>
> 2024/04/17 14:55:15 kid1| ERROR: failure while accepting a TLS
> connection on conn275 local=185.229.91.169:3128
> remote=81.217.86.125:63673 FD 16 flags=1:
> SQUID_TLS_ERR_ACCEPT+TLS_LIB_ERR=A000418+TLS_IO_ERR=1
>
> Does somebody know what the problem could be?
$ openssl errstr A000418
error:0A000418:SSL routines::tlsv1 alert unknown ca
Looks like the client does not trust Squid certificate and tells Squid
about that lack of trust via a TLS alert. Did you configure the client
to trust the certificate your Squid is using for bumping client connections?
HTH,
Alex.
> With old Squid 3.5 it worked with almost same config and certificate.
More information about the squid-users
mailing list