I am using Squid 2.5S5 with ssl-patch. Squid is acting as a ssl gateway perfectly (only https between client and squid).
For iis and apache (command SSLCertificateChainFile), there is the possibility to chain several certificates together: server certificate, ca certificate root certificate. Useful, if the ca and root certificate are not included in the browser.
In this case, the ca and root certificates are transmitted to the client without the message about an untrustable ca and those certificates are installed all at once.
Is this possible in squid, too? I tried to include all three certificates in one file (server, ca, root). Squid started, but still seems to only use the server certificate, so I still get the browser warnings.
The addons of the ssl patch seem only to be of relevance for client certificates and https between squid and server.
The additional parameters like cafile or sslproxy_cafile seem not to be used for my problem.
Thx in advance, alp
