<div dir="ltr">By regression...I mean our QA testing server. Let me explain this in detail: I have a squid proxy running which is needed to connect to the server so we can get back if the transaction was approved or not. It is a point of sale application that send transaction data to the server to receive response about the transaction and that's when the problem is occurring when It is trying to communicate to that server. I received some help and I think ssl splice and ssl peek might work but I don't know how to use them. I don't the rules to apply in this situation.</div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jan 23, 2017 at 7:35 PM, Amos Jeffries <span dir="ltr"><<a href="mailto:squid3@treenet.co.nz" target="_blank">squid3@treenet.co.nz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">[ Please reply to the list, not to me personally. ]<br>
<span class=""><br>
On 24/01/2017 11:54 a.m., Mustafa Mohammad wrote:<br>
> I'm using 3.5.23 version. My problem is that I'm trying to hit our<br>
> regression server and after doing research, I found that SSL bump might<br>
> work for me but I'm not sure.<br>
<br>
</span>We (the squid-users list people) can probably answer that. But will need<br>
to know a bit more details about what exactly your situation is.<br>
<br>
I have been assuming that by "regression" you actually mean "legacy<br>
server" - as in; 'a server running old software'. Is that correct?<br>
<br>
If so, then the CRL check failing usually means that the CA who issued<br>
that certificate has formally published an advisory (CRL) indicating<br>
that certificate as invalid and must never be used again. Why can't you<br>
just change the cert?<br>
<span class=""><br>
<br>
> When my config file is not doing a crl check,<br>
> I was able to hit the server but I can't hit the server if my crlcheck is<br>
> set to yes. I'm very new to squid.<br>
<br>
</span>Okay. Sounds like you just need to disable the some checks. But lets put<br>
that aside until its clear whether Squid is the right solution for your<br>
need.<br>
<div class="HOEnZb"><div class="h5"><br>
Amos<br>
<br>
______________________________<wbr>_________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/<wbr>listinfo/squid-users</a><br>
</div></div></blockquote></div><br></div>