[squid-users] tlsv1 alert unknown ca (1/0)

masterx81 gecom at tubosider.it
Thu Apr 26 08:40:08 UTC 2018


Hi!
I've enabled the ssl-bump with following directives:
acl no_ssl_interception dstdomain .somedomain.com

ssl_bump none localhost
ssl_bump none no_ssl_interception

ssl_bump stare
ssl_bump bump all

http_port 8080 ssl-bump cert=/etc/squid/ca.pem generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB options=NO_SSLv3,NO_SSLv2
sslflags=NO_DEFAULT_CA


But in the cache.log file i have a lot of:
2018/04/26 10:27:45 kid1| Error negotiating SSL connection on FD 70:
error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (1/0)

tried to put the directive
sslproxy_cafile /etc/ssl/certs/ca-bundle.crt

tried to do the yum install ca-certificates to update the packages, no luck.

I've read several discussions about this, but i've not came up with
nothing...

the sites on the clients open well...

What i can try to do?
Thanks!





--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html


More information about the squid-users mailing list