Re: [squid-users] squid/sslbump + IE9

This message: [ Message body ] [ More options ]
Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ]

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 03 Dec 2011 05:29:17 +1300

On 3/12/2011 4:16 a.m., Sean Boran wrote:
> Yes it was add to the Windows cert store. (Tools> Options> Content
>> Certiifcates> Trusted Root Certification Authorities).
> Not all all HTTPS websites cause errors either, e..g
> https://www.credit-suisse.com is fine.

Ouch. Their certificate is permitting any third-party (including your
Squid) to forge their site credentials.

Amos
Received on Fri Dec 02 2011 - 16:29:24 MST

This archive was generated by hypermail 2.2.0 : Fri Dec 02 2011 - 12:00:01 MST