[squid-users] HSTS and MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA

erdosain9 erdosain9 at gmail.com
Wed Aug 10 23:44:56 UTC 2016


Thanks!it works!!!but...........  have this strange behavior in
access.log1470835274.046    896 192.168.1.172 NONE/200 0 CONNECT
mail.google.com:443 - HIER_DIRECT/172.217.28.229 -1470835274.569    521
192.168.1.172 TCP_MISS/204 406 GET https://mail.google.com/mail/gxlu? -
PINNED/2800:3f0:4002:800::2005 -1470835339.166    797 192.168.1.172 NONE/200
0 CONNECT www.facebook.com:443 - HIER_DIRECT/31.13.73.36 -1470835339.398   
228 192.168.1.172 TCP_MISS/200 1995 POST https://www.facebook.com/ajax/bz -
PINNED/2a03:2880:f100:83:face:b00c:0:25de
application/x-javascript1470835490.537   2164 192.168.1.172 NONE/200 0
CONNECT www.facebook.com:443 - HIER_DIRECT/31.13.85.36 -1470835491.041   
504 192.168.1.172 TCP_MISS/200 1800 POST https://www.facebook.com/ajax/bz -
PINNED/2a03:2880:f100:83:face:b00c:0:25de application/x-jfirst a *NONE/200
*when i go to a https web... it works, but what can be that
"none/200"???*this is now my squid.conf:*# Squid listen Porthttp_port
192.168.1.215:3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_cert/myca.pem
key=/etc/squid/ssl_cert/myca.pemalways_direct allow allssl_bump server-first
all#sslproxy_cert_error deny all#sslproxy_flags
DONT_VERIFY_PEERsslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db
-M 4MBsslcrtd_children 8 startup=1 idle=1Thanks!!!!!!



--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/HSTS-and-MOZILLA-PKIX-ERROR-V1-CERT-USED-AS-CA-tp4678817p4678827.html
Sent from the Squid - Users mailing list archive at Nabble.com.


More information about the squid-users mailing list