[squid-users] Why 3.5.0.4 generates mimicked certs with server IP only when bumping?

Yuri Voinov yvoinov at gmail.com
Fri Jan 9 10:45:42 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
I have working production 3.4.10 with working ssl bumping.

Config was the same as working 3.4.10. I've just want to take a look on
new release.

in squid.documented said, than backward compatibility server-first and
none options for ssl_bump are kept.

But:

Neither works with old syntax, nor new.

Looks like target https hosts not resolved and bump got only IP.

09.01.2015 16:41, Amos Jeffries пишет:
> On 9/01/2015 9:36 p.m., Yuri Voinov wrote:
>
> > Hi,
>
> > gents.
>
> > I've try to test last daily-generated 3.5.0.4 and meet different
> > behaviour (different from 3.4.10).
>
> > All squid-generated mimicked certs contains in CN only server IP,
> > not hostname.
>
> > Following, all client browsers are unhappy. :)
>
> > What I'm doing wrong?
>
> What are you doing? specific squid.conf details please.
>
> Amos
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJUr7FWAAoJENNXIZxhPexGJuIH/2BO2NpSaIbKLKx86AAGiQt1
GWVk1jb+YeYsOyRR/Caw5nBApGe9ZteYD0tD9zqaHtz/eIIUdv9XORQxWvxtXtpH
z4p7aFzEFRhZ4/3FMwKVtvZaJa5FZLqUVQXSL96kGOtKuXS40Un7gAUNggejuhrm
ZrfUdD7kXycy9Y0GvRmhAIr+BjjuwzujkBqWk2R4ooPf5HSHmDSiG+dqhheIO/dO
LShUco13el3ucLxrumPHSCUDUpSyPLPlvj4p9tyKJURoVv6v7bepCP7AYhA5YV1S
EvJo8AAdLZTkVcbnTjiuqjB28F3dkB0LKvSJOSCNPIWcueX6X3Y8a5VR2+igANk=
=510Q
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150109/7218c074/attachment.html>


More information about the squid-users mailing list