[squid-users] proxying for SSL problem

From: Schaefer, Charles <cschaefer@dont-contact.us>
Date: Wed, 7 Jan 2004 10:34:49 -0500

I'm using squid.2.5.stable4 in a proxying for SSL configuration. I have a
signed cert from verisign outside the firewall, and a self signed cert
inside the firewall. Some users are complaining saying that:

"the internet browser Safari gave me this warning:

'The website's certificate was signed by an unknown certifying authority.
You might be connecting to a website that is pretending to be
"server.domain.com" which could put your confidential information at risk.
Would you like to continue anyway?'"

My question is, should I use a verisign signed cert on the inside squid box
also (yet another $1600 US)?

Here is my configuration:

client<--->internet<--->squid1<--->firewall<--->squid2<--->application
server
SSL SSL SSL SSL SSL http

Thanks
Received on Wed Jan 07 2004 - 08:35:42 MST

This archive was generated by hypermail pre-2.1.9 : Sun Feb 01 2004 - 12:00:04 MST