On 2/09/19 8:44 am, torson wrote:
> For me it works with "ssl_bump peek step1", not with "ssl_bump peek all".
>
That tells me that your clients are lying to your proxy.
"peek step1" means only the client-provided detail is available. eg the
client says it is going to example.net (a domain which
For me it works with "ssl_bump peek step1", not with "ssl_bump peek all".
My working config using Squid 4.8:
---
visible_hostname squid
debug_options ALL,1
positive_dns_ttl 0
negative_dns_ttl 0
client_persistent_connections off
http_port 3128
http_port 3129 intercept
acl allowed_http_sites dstdom_
