Re: [squid-users] SSL bump interception and certificates warnign

From: Eliezer Croitoru <eliezer_at_ngtech.co.il>
Date: Thu, 12 Sep 2013 00:07:01 +0300

On 09/11/2013 10:56 PM, Loïc BLOT wrote:
> Then, if i add my own CA to firefox warning will disappear ?
>
There are times that the certificate is a fake by default by the
source of the page so it will disappear(maybe) but then you will need
a very good defense on the application level.

I do let squid handle my certificates and also many others.
just make sure that squid verifies the source CA and all the other
chain of authorities.

Eliezer
Received on Wed Sep 11 2013 - 21:07:11 MDT

This archive was generated by hypermail 2.2.0 : Thu Sep 12 2013 - 12:00:04 MDT