[squid-dev] Bug 4305: Squid reports X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY...

Christos Tsantilas christos at chtsanti.net
Tue Dec 1 11:52:38 UTC 2015


On 12/01/2015 01:38 PM, Amos Jeffries wrote:
> On 1/12/2015 9:36 p.m., Christos Tsantilas wrote:
>> On 11/29/2015 09:00 AM, Amos Jeffries wrote:
>>> On 28/11/2015 9:35 p.m., Christos Tsantilas wrote:
>> Moreover the name of new directive it should be clear about the purpose
>> of these certificates.
>
> Nod. "untrusted" is not exactly a clear name to anyone unfamiliar with
> the internals of OpenSSL. To the rest of the world (including Squid's
> usage) these are "intermediate certificates". So calling it
> "sslproxy_intermediate_certs" might be clearer to admin than untrusted.
> But I dont have any preference either way.

You are right. Using the "intermediate" instead of "trusted" term looks 
better.

Lets wait Alex opinion on this, and I will fix the name before commit if 
he agree too.


>


More information about the squid-dev mailing list