[squid-users] ssl bump certificate question
Antony Stone
Antony.Stone at squid.open.source.it
Wed Sep 7 20:58:07 UTC 2016
On Wednesday 07 September 2016 at 22:55:06, Yuri Voinov wrote:
> 08.09.2016 2:25, erdosain9 пишет:
> > Hi.
> > A query. Sslbump is possible without installing the certificate,
> > machine by machine ???
>
> Bump impossible. Splice - possible.
>
> > Is there any way that this certificate Squid SUBMIT ??
>
> Cant understand question. What do you mean?
I believe he wants a mechanism for squid to be able to provide the fake CA
certificate to the browser, so that the browser then trusts the fake site
certificate which is signed with it.
Of course, this is impossible, since any mechanism which allowed this would
allow the browser to be fooled into trusting any certificate anyone cared to
wave at it.
Antony.
--
#define SIX 1+5
#define NINE 8+1
int main() {
printf("%d\n", SIX * NINE);
}
- thanks to ECB for bringing this to my attention
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list