On 1/11/2013 5:11 p.m., Lennert Rienau wrote:
> Hi,
> i want squid to create dynamic ssl certificates in intercept mode, which works, but squid uses ip-addresses for the certificates of the site, not the host name.
>
> Does anybody know why this happens?
Because you use client-first bumping on intercepted traffic.
The only details Squid has at that point are the IP address and port the
clients ws connecting to.
You need server-first bumping to contact the server and find out what
domain(s) its certificate indicate.
Amos
Received on Fri Nov 01 2013 - 08:54:21 MDT
This archive was generated by hypermail 2.2.0 : Fri Nov 01 2013 - 12:00:07 MDT