OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: ruggerio on February 01, 2021, 08:40:44 AM

Title: Signal App only working if SNI enabled
Post by: ruggerio on February 01, 2021, 08:40:44 AM
Hello,

I have an old tablet, for which I would like to have SSL Inspection enabled. But this will not work for Signal, even if .whispersystems.org and .signal.org are inserted into the no SSL bump sites.

It still complains about the certificate, e.g.:
kid1| ERROR: negotiating TLS on FD 30: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (1/-1/0)

Does anybody know how I can handle Signal with SSL inspection enabled? By the way, the proxy is not transparent.
Title: Re: Signal App only working if SNI enabled
Post by: mikewilc on March 09, 2023, 09:17:56 AM
Signal is using certificate pinning and also highly customized TLS traffic, so SSL No Bump doesn't work.
If you really need full SSL Inspection, enable Censorship circumvention within the iOS/Android application to allow Signal to work. Not sure if it's possible with Signal Desktop.
Mike