On Wed, 24 Mar 2004, Emre CELEBI wrote: > when squid tries to connect to internal web server i see (from ethereal) > as Alert Level: Fatal, TLS: Unknown CA ssl packets and the connection > fails. in squid logs i see Error negotiating SSL connection logs. > This is obviusly related to CA certificate auth. and with certificates.
You need to give Squid a directory of acceptable CA certificates, or disable certificate verificatin. Exact details varies depending on which method you use for the ssl connection (cache_peer, or direct). If cache_peer then see the cache_peer options. If direct see the sslproxy_ directives. > question: how do you (who use owa and iis servers certificate) export ur > server certificates and import ur server certificates to squid and make > squid ssl to server.And do u use clientca=/to/your/server_cert.crt? (is > there any trick here?) You should not, unless you want to move the official certificate from your existing server to Squid for presenting to the users. Regards Henrik
