On Wed, 2 Feb 2011 11:15:31 -0500, "Martin \(Jake\) Jacobson" wrote:
> Hi,
>
> I need to configure a proxy box that will proxy a site that requires a
> PKI cert. The site requires a chained cert and fails if the cert
> presented is unchained. We have a bot that is only presenting its
> cert and not the complete chain so it fails the connection.
Sounds like you need to figure out why a non-chained cert was loaded into
the bot in the first place.
>
> I am wondering if we could have squid make the request for the
> resource and instead of using the bot's cert, the squid client would
> use the chained cert that I have loaded with squid?
>
> Jake Jacobson
To use Squid certs you will need the bot to communicate over unsecured
HTTP with Squid.
Then you just configure a cache_peer line in Squid presenting the relevant
cert to the website.
Amos
Received on Thu Feb 03 2011 - 03:04:18 MST
This archive was generated by hypermail 2.2.0 : Fri Feb 04 2011 - 12:00:01 MST