Hello, We have been using Squid with SSLBump for years. The RootCA will expire next year, which is why we have already created a new RootCA. Since there are still many proprietary clients that do not yet have the new RootCA, I have two intermediate certificates (one from the old and one from the new RootCA) issued for the intermediate certificate using the very same CSR.
Now I have copied these two certificates together with the private key into a PEM file (first the certificates, then the key), but only the first certificate is ever delivered. Is there a way to have the second certificate delivered as well, so that clients with the old RootCA and clients with the new RootCA can verify the certificates issued by Squid? Or is there a better solution in general if the certificates issued by Squid are to be temporarily validated by two RootCAs? -- Regards Dieter Bloms -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the >From field. _______________________________________________ squid-users mailing list [email protected] https://lists.squid-cache.org/listinfo/squid-users
