[Privoxy-users] Requesting help to set up HTTPS inspection
Fabian Keil
fk at fabiankeil.de
Mon Oct 27 11:05:04 CET 2025
allamistakeo21--- via Privoxy-users <privoxy-users at lists.privoxy.org> wrote on 2025-10-17 at 21:41:22:
>
> > Thank you for your advice. I activated the debug logging, which indeed revealed that the privoxy user didn’t have access rights to the CA files.
> > I changed the owner and group of the CA files, and now it works.
>
> Actually, I was a bit too fast to report success: it worked on one Mac, but on the other I am now getting a different error message, for instance when I attempt to visit google.com <http://google.com/>.
>
> The browser shows the following:
>
> Server certificate verification failed
>
> Privoxy <https://config.privoxy.org/> was unable to securely connect to the destination server.
>
> Reason: unable to get local issuer certificate
>
>
> The log file shows the following:
>
>
> 2025-10-17 21:31:35.573 700009a07 Connect: to google.com
> 2025-10-17 21:31:35.637 700009a07 Connect: Connected to google.com[2a00:1450:400c:c1d::8a]:443.
> 2025-10-17 21:31:35.638 700009a07 Connect: Created new connection to google.com:443 on socket 11.
> 2025-10-17 21:31:35.640 700009a07 Connect: Performing the TLS/SSL handshake with the server
> 2025-10-17 21:31:35.673 700009a07 Error: X509 certificate verification for google.com failed: unable to get local issuer certificate
> 2025-10-17 21:31:35.675 700009a07 Crunch: Certificate error: unable to get local issuer certificate: https://google.com/
Did you specify a trusted-cas-file as documented at:
https://www.privoxy.org/user-manual/config.html#TRUSTED-CAS-FILE
?
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.privoxy.org/pipermail/privoxy-users/attachments/20251027/0f4466fd/attachment.bin>
More information about the Privoxy-users
mailing list