| Index | Alphabetical Index |
| Option Name: | sslproxy_cert_error |
|---|---|
| Replaces: | |
| Requires: | --enable-ssl |
| Default Value: | none |
| Suggested Config: |
|
Use this ACL to bypass server certificate validation errors. For example, the following lines will bypass all validation errors when talking to servers for example.com. All other validation errors will result in ERR_SECURE_CONNECT_FAIL error. acl BrokenButTrustedServers dstdomain example.com sslproxy_cert_error allow BrokenButTrustedServers sslproxy_cert_error deny all This clause only supports fast acl types. See http://wiki.squid-cache.org/SquidFaq/SquidAcl for details. Using slow acl types may result in server crashes Without this option, all server certificate validation errors terminate the transaction. Bypassing validation errors is dangerous because an error usually implies that the server cannot be trusted and the connection may be insecure. See also: sslproxy_flags and DONT_VERIFY_PEER. Default setting: sslproxy_cert_error deny all |
|
| Index | Alphabetical Index |