[squid-users] How to know, which CA certificate is absent?

Yuri Voinov yvoinov at gmail.com
Thu Jan 15 11:00:35 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hi gents,

I have question.

Look:

2015/01/15 16:48:50 kid1| clientNegotiateSSL: Error negotiating SSL
connection on FD 209: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
alert unknown ca (1/0)
2015/01/15 16:50:50 kid1| clientNegotiateSSL: Error negotiating SSL
connection on FD 216: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
alert unknown ca (1/0)
2015/01/15 16:52:51 kid1| clientNegotiateSSL: Error negotiating SSL
connection on FD 42: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
alert unknown ca (1/0)
2015/01/15 16:54:54 kid1| clientNegotiateSSL: Error negotiating SSL
connection on FD 107: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1
alert unknown ca (1/0)

Question is: How to debug SSL bump to know, which intermediate
certificate is absent in capath to get and install it to avoid this
annoying messages?

WBR, Yuri
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBAgAGBQJUt53TAAoJENNXIZxhPexGOjQIALajScJu2Q0yItmB+tyeo8rn
sSslibis5GiMrUaN/KlAMD8IN9g8AMPi9NIZKOR8BUqFJFvhcUZknFUpWkWu6Ceb
eQPO3qTBZUUjsNch/eILaXTaq+eOhWBsrHi639vvyxTz+uwzHVMTgA8K3OH62bJ9
L9Ew/dI+mgkRMBKMgakr6J4IdyrjNSBQN2ln8fiKyRJFygej0VFLjfUllYb4OC9i
QsgXLPBYo6k2S+LCNGZefkS3AvydqhicedhYo+hP2IRd7/9Pmk4gDTpYc1v0vXXa
kNOv/HfZn1nVXJNjLH2Pf/7+aZKwDBlKRYMl68TL8mDpZbXG0l2vpIHhNwXElbg=
=aDgE
-----END PGP SIGNATURE-----



More information about the squid-users mailing list