[squid-users] Certificate Authority with SSLBump
FredB
fredbmail at free.fr
Thu Feb 8 17:33:16 UTC 2018
Hi All,
In practise how you maintain the CA files? I'm testing SSLBump with Debian Jessie the package ca-certificates provides many certificates but less than the latest Firefox Browser.
How do you manage to keep all that in check? When a CA is missing you add the pem in you system config or exclude the website from SSLBump?
EG: From my test https://wiki.squid-cache.org seems unknown (71) Protocol error (TLS code: X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)
SSL Certficate error: certificate issuer (CA) not known: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
Thanks
Regards
Fred
More information about the squid-users
mailing list