[squid-users] SSL3_READ_BYTES:sslv3 alert certificate unknown

Alex Rousskov rousskov at measurement-factory.com
Wed Oct 28 21:24:51 UTC 2015


On 10/28/2015 07:55 AM, Amos Jeffries wrote:
> What is missing is just some CA in the chain. It needs to be located
> somehow, only then can the decision happen about whether to trust or not
> and see if another up the chain is needed too.

If you are right, then this could be related to bug 4305 then (if you
ignore all the noise there):

  http://bugs.squid-cache.org/show_bug.cgi?id=4305

FWIW, Factory is working on implementing automatic certificate fetching
feature. That is a huge feature but we are making good progress.
Meanwhile, there is a simpler patch posted to that bug report that helps
manage this problem (but does not solve it).


HTH,

Alex.



More information about the squid-users mailing list