Re: [squid-users] Bump-Server-First supposed to work like this?

From: Guy Helmer <guy.helmer_at_palisadesystems.com>
Date: Wed, 10 Apr 2013 15:51:13 -0500

On Apr 10, 2013, at 1:07 PM, .. <sauron99_at_gmx.de> wrote:

> Hello list,
> im playing around with Bump-Server-First method at the moment and I have
> a quite simple question about this.
>
> For me it seems to work in non transparent mode at the moment, so i can
> see also the https traffic going over the Proxy. But my browser gives me
> out a warning that the certificate is not valid.
>
> Is that supposed to work like this? If i do understand this right i have
> to install my "fake" certificate to my browser to avoid these messages
> right?
>

Yes, that is correct operation. Otherwise anyone could perform man-in-the-middle decryption with dynamically generated certificates that clients would trust.

Guy
Received on Wed Apr 10 2013 - 20:51:42 MDT

This archive was generated by hypermail 2.2.0 : Thu Apr 11 2013 - 12:00:03 MDT