On 2023-12-11 14:06, Philipp Benner wrote:
Thank you for the infomation Claudio!
What a pitty!
I thought I found a tiny solution there.
Do you have any suggestions for an alternative? I don'´t want to install squid
becaus of limited ressources on this machine.
Any ideas? Or should I try
-
Von: Claudio Jeker
Gesendet: Samstag, 9. Dezember 2023 10:02
An: Philipp Benner
Cc: misc@openbsd.org
Betreff: Re: relayd https inspection certificate issue
On Fri, Dec 08, 2023 at 10:04:25PM +, Philipp Benner wrote:
> Dear all,
>
>
> I would like to use relayd as an ou
On 2023-12-09 04:02, Claudio Jeker wrote:
Don't do it. This "TLS inspection" mode is broken and it is close to
impossible to fix it. The way the MITM cert is built is not smart enough
and does not consider many special cases like SAN certs and OCSP.
It works for simple things but does not work
On Fri, Dec 08, 2023 at 10:04:25PM +, Philipp Benner wrote:
> Dear all,
>
>
> I would like to use relayd as an outbound https proxy, so I configured it
> like shown in the last section of the relayd.conf(5) manpage.
>
> This works fine for e.g. wikipedia.org. The certificate issued by my
Dear all,
I would like to use relayd as an outbound https proxy, so I configured it like
shown in the last section of the relayd.conf(5) manpage.
This works fine for e.g. wikipedia.org. The certificate issued by my relay is
nearly the same as the original, except oft he issuer of course.
5 matches
Mail list logo