Squid Proxy does not see CA anymore
In the last three snapshots - today and the two days before - Squid in SSL Interception mode cannot be activated anymore, as it does not see the CA installed in Cert Manager ( the only available option in the Squid GUI is 'none' ).
I am posting here as it seems to be linked to Cert Manager in 2.5 rather than Squid itself.
If anyone has any idea.
@hexistenz Please provide more info about your CA cert
unable to reproduce it on 2.5.0.a.20210122.2350 with squid-pkg 0.4.45
Thanks a lot for looking into it. It's an intermediate CA - Key is ECC P521.
The CA is validly accepted in Cert-Manager and can generate Certificates.
For that matter any type of CA even RSA are not seen by Squid.
I tried to uninstall-reinstall but no luck yet. I may just do a clean install of the latest snapshot to see if it changes anything.
Any logs I may look into? I have not see any errors yet.
PS I am now on 2.5.0.a.20210122.2350 with squid-pkg 0.4.45
related to https://redmine.pfsense.org/issues/9897#note-7
Please add your comment or create a new bugreport:
Oh many thanks, removing all the P521 CAs, now Squid sees another type!
Thanks a lot for your help!