Re: [squid-users] Ne​ed help on SSL bump ​and certificate chai​n​

From: Alex Rousskov <>
Date: Thu, 25 Apr 2013 11:48:51 -0600

On 04/25/2013 07:27 AM, wrote:

> I need a solution where the client configuration is not changed

Fortunately, such solution does not exist. The only way to bump traffic
without client warnings is to make the client trust the Squid signing
certificate. For that, you have to change the client configuration (or
the configuration of software that the client uses to validate
certificates such as OpenSSL).

If bumping SSL traffic without client consent or knowledge was possible,
SSL would be useless.


Received on Thu Apr 25 2013 - 17:48:58 MDT

This archive was generated by hypermail 2.2.0 : Fri Apr 26 2013 - 12:00:04 MDT