On Mar 13, 2011, at 9:09 AM, arielf wrote:
> Apparently the squid configuration is ok.
>
> ----------------
> http_port 3128 ssl-bump key=server-key.pem cert=server-cert.pem
> ssl_bump allow all
> ------------------
>
> That is I tried a different 3rd party https site (my bank :) and everything
> seems to work fine.
> So the problem exists only when I try to use squid as proxy for my own
> created https site which is run on a tomcat that I configured the security
> for.
>
> Could it be that squid works only with CA certified sites?
Seems like you would need to set
sslproxy_flags DONT_VERIFY_PEER
in squid.conf to allow certificates that can not be verified.
Guy
--------
This message has been scanned by ComplianceSafe, powered by Palisade's PacketSure.
Received on Tue Mar 15 2011 - 13:58:17 MDT
This archive was generated by hypermail 2.2.0 : Tue Mar 15 2011 - 12:00:01 MDT