Not exactly. The upstream destination still requires SSL connectivity to be
usable - and the client will be faced with certificate domain does not match
errors unless yoru peer is also able to perform server-forst bumping when it
gets contacted by your Squid.
It looks to me like your peer is r
On 23/11/2012 7:15 a.m., Steve Hill wrote:
I'm currently testing the SSL bump-server-first functionality in Squid
3.3.0.1-20121122-r12391. I have an upstream proxy with "never-direct
allow all" set (the reasons for this are slightly convoluted :).
When making a bumped request, Squid bombs w
I'm currently testing the SSL bump-server-first functionality in Squid
3.3.0.1-20121122-r12391. I have an upstream proxy with "never-direct
allow all" set (the reasons for this are slightly convoluted :).
When making a bumped request, Squid bombs with:
2012/11/22 17:53:57 kid1| assertion fai
