<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
Hello£¬<span>I configured  https_port in squid.conf . However  when I a<span>ccess https websites using Firefox£¬it shows   "<span>Your connection is not secure" . </span></span></span>
<div><span><span><span><br>
</span></span></span></div>
<div><span><span><span>The error like this: </span></span></span></div>
<div><span><span><span><span><a href="http://www.amazon.com" class="OWAAutoLink" id="LPlnk179739" previewremoved="true">www.amazon.com</a> used an invalid security certificate. </span><br>
</span></span></span></div>
<div><span><span><span><span>This certificate is valid for 23.13.186.212 only. </span></span></span></span></div>
<div><span><span><span><span>Error code: SSL_ERROR_BAD_CERT_DOMAIN</span></span></span></span></div>
<div><span><span><span><span><br>
</span></span></span></span></div>
<div><span><span><span><span>My CA produced by openssl is a <span>Self-signed certificate.</span></span></span></span></span></div>
<div><span><span><span><span><span><br>
</span></span></span></span></span></div>
<div>Here is my squid.conf:</div>
<div><br>
</div>
<div>
<div>https_port 192.168.51.200:3129 intercept ssl-bump connection-auth=off generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/myCA.pem key=/usr/local/squid/ssl_cert/myCA.pem</div>
<div><br>
</div>
<div>acl ssl_step1 at_step SslBump1</div>
<div>acl ssl_step2 at_step SslBump2</div>
<div>acl ssl_step3 at_step SslBump3</div>
<div><br>
</div>
<div>ssl_bump bump all</div>
<div><br>
</div>
<div>sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/lib/ssl_db -M 4MB</div>
<div>sslcrtd_children 8 startup=1 idle=1</div>
</div>
<div><br>
</div>
</div>
</body>
</html>