Hi there,
The attached patch implements dynamic SSL certificate generation in
Squid. When used with SSL Bump, the feature allows Squid to dynamically
generate (using a configurable CA certificate) and cache SSL
certificates for the proxied hosts. The following wiki page contains
usage instructions and caveats:
http://wiki.squid-cache.org/Features/DynamicSslCert
The code works in our tests. The code quality is below my standards in
some areas, but since it is optional/isolated and since traffic
inspection is an increasingly popular feature, I think it should be
committed. Moreover, the project funding was a disaster so I am worried
that the longer it lingers the higher are the chances that it will be
completely abandoned.
The patch is against Squid v3.1 branch, revision 9820. If generally
approved, it will be ported to trunk for v3.2 inclusion.
Thank you,
Alex.
This archive was generated by hypermail 2.2.0 : Fri Mar 26 2010 - 12:00:10 MDT