Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] squid ca for ssl intersepting

    Scheduled Pinned Locked Moved Cache/Proxy
    4 Posts 3 Posters 872 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rcmpayne
      last edited by

      Hey All,

      i have squid all working for http interception enabled and would like to do this with ssl but not have to install the untrusted cert on all the pc's at my house. if i buy a ca cert online will that work providing that its signed by a cert preinstalled on pc by default? thawte, verisign etc

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        You cannot buy any such certificate (except perhaps if you are Chinese gov or 3letter agency).

        1 Reply Last reply Reply Quote 0
        • S
          sichent Banned
          last edited by

          Just imaging you walk into my internet cafee where I purchased such a certificate and I am able to see all your banking transactions including pin etc. - nightmare, isn't it?
          You MUST install Root CA certificate into all your devices if you intend to filter HTTPS. No other way.

          1 Reply Last reply Reply Quote 0
          • R
            rcmpayne
            last edited by

            Thanks

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.