Hi. On Thu, May 17, 2018 at 08:49:04AM +0200, to...@tuxteam.de wrote: > On Wed, May 16, 2018 at 07:35:51PM -0700, Kushal Kumaran wrote: > > [...] > > > You should note that HTTP-proxy based systems will not be able to do any > > inspection or modification of traffic for sites using HTTPS. > > This is true... and then it's not :-) > > If your proxy terminates the HTTPS connection, effectively doing a > "man-in-the-middle" (but controlled by you), it can: most probably > you'd have to fool your browser by offering it a HTTPS connection > from the proxy, and by installing a trusted root certificate you > create yourself. Basically what the proxy in your $CORPORATION does > all of the time. > > I don't know whether privoxy or squid can do that (I'd love to know, > mind you, but days are so short).
Squid can do it. It was called SSL Bump in old (pre 3.4) Squid, now they renamed it to SSL Peek and Splice - [1]. Reco https://wiki.squid-cache.org/Features/SslPeekAndSplice
