<div class="chatflow-status" style="overflow:hidden;height:0px;opacity:0.001;float:right"><img src="https://bolt.im/t/?O1DO3p0DX-gO2Eho-xIA__BODHNmO3uaZuAp50JqvzDR9xU_6ZZy2Ez7PekRVZpzYADDv_v9nH2bcPXhBMobZTfBONQf1EjyG3wYFOmzpTo" width="0" height="0" style="width:0px;height:0px;opacity:0.001"></div><div dir="LTR">solution:<br>all monitoredsites, m1 m2 are bumped correctly<br>all others are spliced<br>squid4<br><br>this works great. just contact me for questions.<br><br><br>acl monitoredSites ssl::server_name_regex -i (phncdn|ypncdn|heise|rncdn|youporn) <br> <br>acl m1 ssl::server_name_regex -i \.youporn\.com <br> <br>acl m2 ssl::server_name_regex -i \.rncdn7\.com <br> <br>ssl_bump stare m1 <br>ssl_bump stare m2 <br>ssl_bump stare monitoredSites <br>ssl_bump peek !m1 !m2 !monitoredSites <br>#ssl_bump splice step3 !m1 !m2 <br>ssl_bump bump m1 <br>ssl_bump bump m2 <br>ssl_bump bump monitoredSites <br>ssl_bump splice !m1 !m2 !monitoredSites</div><chatflow-embed type="signature"><div><br><table cellspacing="0" cellpedding="0" border="0" style="margin-bottom:4px"><tr><td><a href="http://GetHop.com/?_hmid=1493629813" style="text-decoration:none">marco<span style="color:#999"> - Contact Using Hop</span></a></td></tr></table></div></chatflow-embed><div class="hop_extra"><br>On April 30, 2017 at 13:35 GMT, Yuri Voinov <<a href="mailto:yvoinov@gmail.com">yvoinov@gmail.com</a>> wrote:<br><blockquote class="hop_quote" style="margin:0 0 0 .2ex;border-left:1px #ccc solid;padding-left:1ex"><div><br></div><html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Check this. It seems this is the issue:<br>
</p>
<p><a class="moz-txt-link-freetext" href="http://bugs.squid-cache.org/show_bug.cgi?id=4711">http://bugs.squid-cache.org/show_bug.cgi?id=4711</a><br>
</p>
<br>
<div class="moz-cite-prefix">30.04.2017 12:02, snable snable пишет:<br>
</div>
<blockquote type="cite"
cite="mid:CADYcWGR1ntWdqG9vvuDHCO30Pu02MW+TY2rRU=Xu5VpvM2aQ1w@mail.gmail.com">
<div dir="auto">
<div style="font-family:sans-serif;font-size:13.696px"
dir="auto">
<div style="margin:16px 0px">
<div>
<div dir="auto">hello
<div dir="auto"><br>
</div>
<div dir="auto">i am using squid on a external box.</div>
<div dir="auto">i forward all traffic from my openwrt
router to it</div>
<div dir="auto">htto works fine</div>
<div dir="auto">https with youtube app doesnt work</div>
<div dir="auto">i get:</div>
<div dir="auto"><br>
</div>
<div dir="auto">
<div dir="auto"> Error negotiating SSL connection on
FD 73: error:14094416</div>
<div dir="auto">:SSL routines:SSL3_READ_BYTES:sslv3
alert certificate unknown (1/0)</div>
<div dir="auto"><br>
</div>
<div dir="auto">errors</div>
<div dir="auto"><br>
</div>
<div dir="auto">other sites work well so far</div>
<div dir="auto"><br>
</div>
<div dir="auto">i heard that squid4 auto downloads
intermediate certificates.. maybe thats the issue?</div>
<div dir="auto"><br>
</div>
<div dir="auto">i workarounded this with a white list
of sites that work. but i wanna rollout this for all
sites. (also see my other question)</div>
<div dir="auto"><br>
</div>
<div dir="auto">thanks!</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
squid-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a>
</pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
Bugs to the Future</div>
</body>
</html>
<div><br></div></blockquote></div>