Hello,
I am a working proxy SSL decryption scnerio running but when I cherck the Cache Log I notice strange errors. Google-Fu does not work so researching these very cryptic meanings are coming up empty.
Also I noticed that some websites such as Google.com or Youtube.com DO NOT use my Opnsense firewall certificate and instead use the certificate issued by the real CA. If this was certificate pinning I would expect the site to fail. Any ideas here?
kid1| ERROR: negotiating TLS on FD 93: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (1/-1/0)
kid1| Error negotiating SSL connection on FD 87: error:00000001:lib(0):func(0):reason(1) (1/-1)
kid1| Error parsing SSL Server Hello Message on FD 49