-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Please outline which of the 7 statements you mean by "this".
Amos
On 17/04/2014 2:38 p.m., James Lay wrote:
> From the squid.conf.documented:
>
> # SSL Bump Mode Options: # In addition to these
> options ssl-bump requires TLS/SSL options. # #
> generate-host-certificates[=<on|off>] #
> Dynamically create SSL server certificates for the #
> destination hosts of bumped CONNECT requests.When #
> enabled, the cert and key options are used to sign #
> generated certificates. Otherwise generated #
> certificate will be selfsigned. # If there is
> a CA certificate lifetime of the generated #
> certificate equals lifetime of the CA certificate. If #
> generated certificate is selfsigned lifetime is three #
> years. # This option is enabled by default
> when ssl-bump is used. # See the ssl-bump
> option above for more information.
>
> I did not find this to be the case and had to add it to my
> https_ports line:
>
> https_port bleh:3129 intercept generate-host-certificates=on
> ssl-bump cert=/opt/sslsplit/sslsplit.crt
> key=/opt/sslsplit/sslsplitca.key options=ALL
>
> Thank you.
>
> James
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJTUUGOAAoJELJo5wb/XPRj0y4IANdveekbpjcjs0mP/SyxNb3X
+9Oo2WekHaBM4jsyEKnfBoWfIrONCFVfQhtjSBVlWFFcoekUT4l21B8D2sK+Ytq1
ch0czzI2/jKDAnHca/wL2R0BGdnoxxAQ4cA6iUTQmN1cOnpKpxRZEf8068Awaf3j
jEyXPls9W1rXHKDKiKLNJyAh4uhm7cWYEqS58xPnVx5LZEf5pKwYXPV7lXgkjggJ
FTbw9OmL54iWPkcX5yvdF2sA0pVLo5511hbe2XSc7Jdv6yvifQEzwwA/ROBSCruF
GVz++38JWaYMzmqw+xn3qgWYgvgKaGb+hlmYte9WI2koygUVWxUrmc5tKo6BOf8=
=pQt0
-----END PGP SIGNATURE-----
Received on Fri Apr 18 2014 - 15:15:35 MDT
This archive was generated by hypermail 2.2.0 : Fri Apr 18 2014 - 12:00:06 MDT