[squid-users] HSTS in browsers summary, help wanted.

ngtech1ltd at gmail.com ngtech1ltd at gmail.com
Wed Jun 28 16:02:53 UTC 2023


Hey Everyone,

I am testing Squid 5.9 and 6.0.3 now and I am trying to understand what might go wrong in the client side with SSL Bump.
I have a nice setup which works with a mysql DB and it can be recreated with vagrant in a very simple manner on-top of all EL8 based Distros.
(Alma, Rocky, CentOS, Oracle, RHEL, Fedora).

There are a set of helpers which runs in the background and do the heavy lifting to make the setup more dynamic.

Since I am using an existing DESKTOP there is HSTS history in the browsers:
- Edge
- Chrome
- Firefox

I have added the Root CA certificate to both Windows trusted root ca's store and into firefox certificates store.

For many sites like bing... the HSTS warning is popping out.
In edge I can disable HSTS but I don't know how to clean the HSTS cache in Edge and in other browsers.
Any help would be usefull.

Thanks,
Eliezer

* I will post later on the Vagrant sources.



More information about the squid-users mailing list