[squid-users] Using dont_verify_peer

Alex Rousskov rousskov at measurement-factory.com
Fri Apr 29 14:57:52 UTC 2016


On 04/28/2016 02:56 PM, Rafael Akchurin wrote:

> According to
> https://www.ssllabs.com/ssltest/analyze.html?d=agentimediaservices.com
> the server does not send the whole chain of certificates and imho squid
> cannot automatically download the intermediate certificates like
> browsers do.


Yes, this is a feature request or bug #4305:
http://bugs.squid-cache.org/show_bug.cgi?id=4305

Factory actually implemented that feature but the code is currently
stuck due to some surprising changes in Squid trunk that we now have to
review and accommodate first... I hope to be done with that in a few
weeks, but a constant drum of CVEs and other emergencies delays that work.

Alex.



More information about the squid-users mailing list