<!DOCTYPE html><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head><body><div data-html-editor-font-wrapper="true" style="font-family: arial, sans-serif; font-size: 13px;"><br>Hi Squid Community,<br><br>how can I configure Squid to create SSL Bump Certifications with only 3-12 months date of expiry?<br><br>Currently, Squid SSL bumped Certifications are valid 20 years in my case, way too long, as Apple & Google & Mozilla will trust only <1 Year SSL certifications in the future.<br><br>Thanks for any help!<br>Schroeffu<br><br>my conf:<br><br>http_port {{ inventory_hostname }}:{{ squid_port }} ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/certs/(***).pem key=/etc/squid/certs/(***).pem<br>sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB<br>always_direct allow all<br>ssl_bump bump !domains_dont_sslbump<signature></signature></div></body></html>