Hi,
We are using Squid 3.1.12[1] in our environment as forward-Proxy with
a PAC-file for HTTP and HTTPs. As far as I know, HTTPs works via the
CONNECT-method (we are not using any SSL-bump-stuff) and should not
touch the SSL certificate at all. Unfortunately, we are currently
experiencing a strange behavior with a SSL certificate for only a
couple of users (win7 clients with IE9 and ldap basic authentication):
URL: https://www.brandschutz-online.cc/kastner/
certification path without proxy:
GeoTrust Global CA
-> RapidSSL CA
-> www.brandschutz-online.cc
If we are using Squid as proxy, we get following certification path in IE9:
www.brandschutz-online.cc
IE9 is complaining about a certificate error.
Any idea why this is happening? Usually, everything is working for
HTTPs without any browser complaints.
regards,
Peter
[1]Squid Cache: Version 3.1.12
configure options: '--enable-ssl' '--enable-icap-client'
'--sysconfdir=/etc/squid' '--enable-async-io' '--enable-snmp'
'--enable-poll' '--with-maxfd=32768' '--enable-storeio=aufs'
'--enable-removal-policies=heap,lru' '--enable-epoll'
'--disable-ident-lookups' '--enable-truncate'
'--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid'
'--with-default-user=squid' '--prefix=/opt/squid' '--enable-auth=basic
digest ntlm negotiate'
'-enable-negotiate-auth-helpers=squid_kerb_auth'
--with-squid=/home/squid/squid-3.1.12 --enable-ltdl-convenience
s
OS: Red Hat Enterprise Linux Server release 5.5 (Tikanga) 64Bit
ICAP-Server: McAfee Webwasher
Received on Thu Oct 18 2012 - 08:53:41 MDT
This archive was generated by hypermail 2.2.0 : Thu Oct 18 2012 - 12:00:03 MDT