Add squid validation for selected CA when MITM is enabled
Obviously, this needs to be a CA we have a private key to so that it can issue certificates on the fly to prevent PEBKAC cases such as . The current validation does not check this. 
@jimp: Any chance you can hack a quick check for this? Otherwise please re-assign to myself and I'll dig into the certs.inc later, not exactly something I'd be familiar with. The other relevant code is here  - so it basically adds the required bits to squid.conf if we can get the private key, if not, it results in broken config as in . I guess there's no need to touch that once the validation is in place though.
#2 Updated by Jim Pingle 3 days ago
- Status changed from New to Feedback
- Target version deleted (
OK I added two different sets of protection:
1. Input validation to warn if a user selected a CA without a private key
2. I changed it so the CA list does not include entries without a private key
I added #1 in case somehow the user manages to submit the form with an old/invalid setting, but really #2 should make #1 unnecessary. Since it impacts squid so severely, I felt both were warranted.
Removing target version since this is a package and not tied to a specific release.