[squid-users] Intercept HTTPS with dynamic certificate for clients

From: Emmanuel LAZARO - S.IM.KO. <em.lazaro_at_simko.fr>
Date: Wed, 19 Mar 2014 08:53:56 -0300

Hi all,

I am using Squid 3.4.4 on debian wheezy compiling the sources.

I am trying to configure squid as a transparent proxy using :

https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/CertifSignature/SquidServeurVeriSign.pem key=/etc/squid3/CertifSignature/Squid.key

The SquidServeurVeriSign.pem have been signed by verisign.

How can i avoid the alerts on firefox or safari (i am in a mac osx environment) because the alerts are spoting on every https pages :

"Connexion not certified

You asked firefox to connect... we can't confirm the connexion is secured...website identity can't be verified."

Sry for the translation...

Can someone help me ?

NB : I imported the root certificate in my firefox.
------

LAZARO Emmanuel
Received on Wed Mar 19 2014 - 11:54:03 MDT

This archive was generated by hypermail 2.2.0 : Mon Mar 24 2014 - 12:00:05 MDT