Well yes, we are trying to incept...
I dont see where the "forgery" is, if my proxy CA is trusted and a
cert is generated for that target, signed by that CA, why should the
browser complain?
And why would FF not complain but IE9 does?
Sean
On 2 December 2011 17:29, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 3/12/2011 4:16 a.m., Sean Boran wrote:
>>
>> Yes it was add to the Windows cert store. (Tools> Options> Content
>>>
>>> Certiifcates> Trusted Root Certification Authorities).
>>
>> Not all all HTTPS websites cause errors either, e..g
>> https://www.credit-suisse.com is fine.
>
>
> Ouch. Their certificate is permitting any third-party (including your Squid)
> to forge their site credentials.
>
>
> Amos
Received on Fri Dec 02 2011 - 17:22:36 MST
This archive was generated by hypermail 2.2.0 : Sat Dec 03 2011 - 12:00:02 MST