Thank you for the directions, I have the https proxy working now.
I got a signed CA cert and installed it on the squid server and after
importing the intermediate cert into the client, it is working as expected.
*https_port 3128 tls-cert=/etc/squid/ssl_cert/ssl_certificate.cer
tls-key=/etc/squid/
On 12/14/18 12:03 PM, Subhish Pillai wrote:
> my use case for the squid proxy is to be able to accept a
> HTTPS_proxy request from the client and tunnel it forward to the
> destination server.
> How do I get this to work without having to create self-signed certs on
> the proxy server and import
I was able to get https working over the http connect tunnel, but I was
still having issues with my client application connecting over the proxy.
After some research it so happens that we have implemented the HTTPS proxy
on the client side with libcurl. (implementing this - "
https://daniel.haxx.se
On 13/12/18 12:50 pm, Subhish Pillai wrote:
> Thanks Alex, that was very helpful.
>
> Based on your explanation, I just want to use squid as a blind TCP
> tunnel carrying the HTTPS connection from client to app server.
>
> In that case, I don't need to use ssl_bump feature and the ssl_crtd
> pro
On 13/12/18 11:49 am, Alex Rousskov wrote:
> On 12/12/18 12:58 PM, subhish.pillai wrote:
>
>> 2. What is the difference between "http_port 3128 intercept" and "http_port
>> 3128 transparent"? Do i need to setup the http_port as either of these?
>
> The difference is in whether Squid impersonates
Thanks Alex, that was very helpful.
Based on your explanation, I just want to use squid as a blind TCP tunnel
carrying the HTTPS connection from client to app server.
In that case, I don't need to use ssl_bump feature and the ssl_crtd program
for certificate management, is that correct?
Would th
On 12/12/18 12:58 PM, subhish.pillai wrote:
> 1. What is the difference between SSL bumping and SSL interception?
These concepts describe activities at different layers:
* SSL bumping is, in Squid context, inspection of SSL traffic that often
also involves impersonating the origin server and d
Hi All,
I have a client application that sends periodic usage data to an external
application server over HTTPS using REST API calls. I want to tunnel this
connection through an HTTPS proxy at the client location. I am trying to
setup Squid v4.4 on Centos 7 server for doing this.
The clients are
