Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid3-dev ssl error on gmail

    Scheduled Pinned Locked Moved
    pfSense Packages
    2
    3
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      djnemo
      last edited by

      Hello forum,

      I install pfSense 2.1 RC1 with squid3-dev + squidguard, i add CA in pfsense then install certs on all clients , Now we can browse https website without error but when im trying to browse websites like gmail.com

      
You attempted to reach [b]gmail.com[/b], but instead you actually reached a server identifying itself as [b]mail.google.com[/b]. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of gmail.com.
You cannot proceed because the website operator has requested heightened security for this domain.

      Can i solve this with a valid Certificate bought from Versign or other?
      If i buy a valid cert do i need to install it on all clients or its already trusted by clients browsers ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • marcellocM
        marcelloc
        last edited by

        It's looking for s different certificate /site.

        Try to reach gmail with www and see what certificate it asks for.

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • D
          djnemo
          last edited by 

          
The following error was encountered while trying to retrieve the URL: https://www.gmail.com/

Failed to establish a secure connection to 173.194.45.85

The system returned:

[No Error] (TLS code: SQUID_X509_V_ERR_DOMAIN_MISMATCH)

Certificate does not match domainname: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com

This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.

Your cache administrator is admin@localhost.

          but works with https://mail.google.com/mail/

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.