Re: [squid-users] Dynamic SSL

From: Guy Helmer <guy.helmer_at_palisadesystems.com>
Date: Thu, 14 Mar 2013 09:05:21 -0500

On Mar 14, 2013, at 7:22 AM, Hasanen AL-Bana <hasanen_at_gmail.com> wrote:

> Hi,
>
> I have successfully installed squid 3.3 compiled with ssl support
> Interception SSL traffic is working fine with browsers loaded with my
> self created .DER file.
> But without it , I keep getting browser warningings , chrome doesn't
> work at all with gmail in this case.

That's correct behavior.

> The question is , if I purchase a valid SSL certificate , will squid
> be able to use it for all websites ?
> Will user browsers accept it ?

No, you can't purchase a certificate from legitimate certificate vendors that can sign other arbitrary certificates. If you could, then any site could impersonate any other site, and server authentication by certificates would be meaningless.

Guy
Received on Thu Mar 14 2013 - 14:05:49 MDT

This archive was generated by hypermail 2.2.0 : Thu Mar 14 2013 - 12:00:06 MDT