Re: [squid-users] Fwd: gmail.com certificate name mismatch

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 12 Jul 2014 20:20:29 +1200

On 12/07/2014 7:50 p.m., Walter H. wrote:
> Hello
>
> On 16.06.2014 19:12, Alex Rousskov wrote:
>> On 06/16/2014 10:58 AM, Walter H. wrote:
>>
>>> I found something strange in connection with server-first and google ...
>>>
>>> any browser: IE, googles own browser Chrome doesn't tell any problem
>>> with ie. https://www.youtube.com
>>> but FireFox does - you know the error when something with certificates
>>> is not ok - with this:
>>>
>>> www.youtube.com uses an invalid security certificate.
>>>
>>> The certificate is not trusted because it was issued by an invalid CA
>>> certificate.
>>>
>>> (Error code: sec_error_inadequate_key_usage)
>>>
>>> can someone please explain why this is a problem only in FF?
>>
>> Please see http://bugs.squid-cache.org/show_bug.cgi?id=3966
>> It appears to match your use case well and has a patch.
>>
> which squid fixes this problem? and has a rpm for CentOS?

3.5 will. I am still working through a backlog of work before 3.4
backprot even gets attempted.
AFAIK there are no RPMs of recent 3.HEAD/3.5 Squid code which would
contain it.

Amos
Received on Sat Jul 12 2014 - 08:20:39 MDT

This archive was generated by hypermail 2.2.0 : Sat Jul 12 2014 - 12:00:05 MDT