Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Skip SSL certificate on squid3

    Cache/Proxy
    3
    4
    1.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chavarriaa
      last edited by

      Hello Pfsense admins, I want to know if there any way to bump a SSL certificate generated by pfsense?
      Here is my problem
      I've just configured pfsense 2.2.4 as proxy server with squid3 pkg 0.2.9 with HTTPS/ssl Interception (i have already installed my own CA generated by pfsense on every computer)
      Filter, internet access is okay. The problem is when i try to access a sites like gmail, web whatsapp, an other sites the browser says the next problems:

      • "procede to unsafe site" -> click and done.

      • "procede to unsafe site" -> click and appears the next error: http://i.imgur.com/R1tVxNl.png

      • In some appears the next -> http://i.imgur.com/MlJS1hk.png

      Also with squid, can't update any software (antivirus, windows, etc)

      I tried to put another CA certificate (generated from starssl.com). When i put it, squid doesn't working, i could not access to internet. Also tried to the comand ssl_bump like said this site http://wiki.squid-cache.org/Features/SslBump

      It's better the package Squid3-dev than squid3? i wonder because many of people on forums had pfsense 2.1.x and apparently works good. If so… i had to put pfsense 2.1 because 2.2.4 i can't install squid3-dev package. Or do you recommend me a WPAD configuration?

      Attached, my squid3 GUI configuration: http://i.imgur.com/BuVkU4O.png (ohters tabs on squid is default )

      thanks for taking your time reading this,
      Best regards

      1 Reply Last reply Reply Quote 0
      • S
        shaqan
        last edited by

        @chavarriaa:

        Also with squid, can't update any software (antivirus, windows, etc)

        Does AV works at all for you, when it gets installed after you installed squid package? For me ClamAV stays down and errs out. (3 different installs)

        1 Reply Last reply Reply Quote 0
        • C
          chavarriaa
          last edited by

          when i installed squid3, clamv and c-icap doesn't work. searching on the web i found this (only ran c-icap):```
          https://translate.google.com/translate?hl=en-419&sl=fr&tl=en&u=http%3A%2F%2Fmylittleweb.eu%2F2015%2F01%2F30%2Fpfsense-2-2-squid-et-antivirus%2F&sandbox=1

          I searched in pfsense forums, but mostly people use pfsense 2.1.5 with squid3-dev. How did you run CLAMAV?

**** EDITED ****
just simply took a time to start.. But always have  problems to update my softwares, also the internet became very slow
          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            I use squid in explicit mode so that I don't have to play around with certificates.  Configure WPAD to allow your clients to auto-detect your proxy.  I am currently running pfSense 2.2.4 with squid3 0.2.8.  Everything works fine for me.  Transparent mode seduces you with promises of everything just working by magic, but then she stabs you in the back when HTTPS comes along.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.