Squid 3.5.24 - Ssl Bump tlsv1 alert unknown ca

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Squid 3.5.24 - Ssl Bump tlsv1 alert unknown ca


when using squid in transparent mode and try to access https://www.facebook.com from computer all working very well,
but when I try to use Facebook app (on Iphone for example), I'm  getting this error in cache.log:

Error negotiating SSl connection on FD XX: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca (1/0)

and Facebook not working.

I run on Centos 7:

* run update-ca-trust
* yum update ca-certificates
* create the certificate like this:
    openssl req -newkey rsa:4096 -sha512 -days 365 -nodes -x509 -keyout myCA.pem -out myCA.pem

Do I need to create the certificate for smartphones  different way?
Do I need to install more ca bundle in Centos?
How to fix this problem without white list this site from ssl bump

Thanks Dan

squid-users mailing list
[hidden email]