Re: [squid-users] SSL bump interception and certificates warnign from Lo�c BLOT on 2013-09-11 (squid-users)

From: Lo�c BLOT <loic.blot_at_unix-experience.fr>
Date: Wed, 11 Sep 2013 21:56:41 +0200

Then, if i add my own CA to firefox warning will disappear ?

-- 
Best regards,
Loïc BLOT, 
UNIX systems, security and network engineer
http://www.unix-experience.fr
Le mercredi 11 septembre 2013 à 23:04 +1200, Amos Jeffries a écrit :
> On 11/09/2013 9:07 p.m., Job wrote:
> > Hi,
> >
> > i read documentation about Squid SSL Bump, but i remain one doubt: by implementing transparent redirection (with iptables) of the 443 ports, with Dynamic-SSL Cert (or something else), can i avoid certificate warning, also without importing Squid CA Authority in clients browers?
> 
> No. The only way to prevent certificate warnings is to use a valid 
> certificate signed by a CA the user agent trusts.
> 
> Amos

application/pgp-signature attachment: This is a digitally signed message part

Received on Wed Sep 11 2013 - 19:47:17 MDT

This archive was generated by hypermail 2.2.0 : Fri Sep 13 2013 - 12:00:07 MDT