Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-30 Thread Michael Pelletier
Thanks! On Thu, Sep 29, 2016 at 11:12 PM, Amos Jeffries wrote: > On 30/09/2016 12:55 p.m., Alex Rousskov wrote: > > On 09/29/2016 05:44 PM, Michael Pelletier wrote: > >> In the squid.conf.documented, it looks like I can log the server > >> certificate as well as the client certificate > >> >

Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Amos Jeffries
On 30/09/2016 12:55 p.m., Alex Rousskov wrote: > On 09/29/2016 05:44 PM, Michael Pelletier wrote: >> In the squid.conf.documented, it looks like I can log the server >> certificate as well as the client certificate >> >> # %ssl::> # %ssl::>

Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Alex Rousskov
On 09/29/2016 05:44 PM, Michael Pelletier wrote: > In the squid.conf.documented, it looks like I can log the server > certificate as well as the client certificate > > # %ssl:: # %ssl:: Wrong directive? The above %c

Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Alex Rousskov
On 09/29/2016 05:09 PM, Michael Pelletier wrote: > The doc says is supports server certs Which doc? I am reading squid.conf.documented in trunk/v4: > ssl::>cert_subject > The Subject field of the received client > SSL certificate or a dash ('-')... > > ssl::>cert

Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Michael Pelletier
In the squid.conf.documented, it looks like I can log the server certificate as well as the client certificate # %ssl::>sniSSL client SNI sent to Squid # %ssl::{Header}HTTP request header "Header" On Thu, Sep 29, 2016 at 7:09 PM, Michael Pelletier < michael.pellet...@

Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Michael Pelletier
I misspoke. I am getting %ssl::>sni but not %ssl::cert_subject and %ssl::>cert_issuer. gives me a parse error Note the "<" instead of the ">" On Thu, Sep 29, 2016 at 7:01 PM, Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 09/29/2016 04:50 PM, Michael Pelletier wrote: > > > I a

Re: [squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Alex Rousskov
On 09/29/2016 04:50 PM, Michael Pelletier wrote: > I am trying to log some data during the ssl flow. > logformat custom ... %ssl::>sni %ssl::>cert_subject %ssl::>cert_issuer > > Yet I get nothing from any of the %ssl:: entries Do your users send certificates to Squid? If not, %ssl::>cert_su

[squid-users] No matter what I do I can not get %ssl:>sni (or other %ssl) to log

2016-09-29 Thread Michael Pelletier
Hello, I am trying to log some data during the ssl flow. I have this for my logformat logformat custom %>a %>p %>lp %la %st %rd %>ru %>Hs %{Referer}>h [%{User-Agent}>h] [%{Host}>h] %ssl::>sni %ssl::>cert_subject %ssl::>cert_issuer sq_err:[%{X-Squid-Error}h] s_hdr:[%