Search squid archive

Re: SSLBump and intermedia CA Certificate.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Tue, 07 Jun 2011 11:54:52 +0200, PaweÅ Mojski wrote:
Hi all.

Finally I successful implemented ssl-bump with dynamic certificate
generation feature.
But, I don't know how to configure squid to use intermediate ca certificate.
I generated Root CA, then using Root CA i signed Intermediate CA
certificate and now, I want squid to use this Intermediate CA
Certificate while generating certs for https connections.
Then I want to import Root CA certificate into Windows PKI to solve
"Unknown CA" error while surfing https pages.
How can I do that?

The client must have a full chain of trust from the root all the way down to the end certificate during the transactions. I think you may find that signing with an intermediate CA needs to install both the root and the intermediate public CA on the clients.

I'm looking around cafile, capath of ssl-bump options but nothing
works for me.

To squid there is only the cert PEM you told it to sign with.


[Linux Audio Users]     [Photo]     [Yosemite News]     [Samba]     [Video Projectors]     [Video Devices]     [Big List of Linux Books]     [LCD TVs]     [Webcams]     [Linux USB]

  Powered by Linux