[CentOS] Squid and HTTPS interception on CentOS 7 ?
Valeri Galtsev
galtsev at kicp.uchicago.edu
Mon Mar 5 15:30:57 UTC 2018
On 03/05/18 06:34, Nicolas Kovacs wrote:
> Le 05/03/2018 à 13:30, Nux! a écrit :
>> You could probably just drop your CA cert in the filesystem and run a
>> couple of commands to get it imported, rather than having to import
>> the CA in the browsers individually. You could probably deliver it
>> via yum/rpm or better yet, ansible or even some shell script.
>
> I will have to use this in environments with mainly Windows, OS X and
> iOS clients. I'm still thinking about how to do this, but I guess I'll
> just setup a local web page on the server, with a link to download the
> certificate file and short instructions on how to install it on the most
> common browsers (Internet Explorer, Edge, Firefox, Chrome, Safari, ...).
Sorry, I missed the beginning of this thread. This sounds to me like
running one's own Certification Authority. I did that a while ago for
over a decade. However, these days one may consider
https://letsencrypt.org/
- you will have to run web server to have certificate signed by them,
but pointing other services to use that same certificate/secret key pair
will work.
Just my $0.02
Valeri
>
> Niki
>
--
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++
More information about the CentOS
mailing list