Squid transparent ssl proxying. Is it possible to get a legal certificate?

S

Seregakz2014-08-20 15:58:09

Squid

Seregakz, 2014-08-20 15:58:09

The people in general such a problem. Everything is set up, everything works, but in the browser it says that the certificate is not trusted, you can get confused and install the certificate in the browser. The question arises how does Kerio work where is the transparent filtering of https without problems with browsers? Is it possible to get a legal certificate to use it in Squid?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

L

Lexus34, 2015-06-20
@Lexus345

Well, in general, a certificate is issued for a specific domain, thus certifying it, otherwise what's the point of having it at all? In Kerio, a self-signed certificate also requires import to client machines, and it is unrealistic to legally sign such a certificate in which ( * ) is indicated as the target domain, more precisely, it is technically possible, but not a single certification authority will do this, this is suicide, then you you will be able to carry out a MITM attack on any HTTPS site and the browser will not even notice it. No one will give you such a certificate for any money.