Re: [squid-users] Squid, Gmail.com and HSTS.

2015-06-10 Thread Michael Monette
HTTPS to break..Thanks for reading - Original Message - From: "Michael Monette" To: "Amos Jeffries" Cc: "squid-users" Sent: Wednesday, June 10, 2015 10:25:21 AM Subject: Re: [squid-users] Squid, Gmail.com and HSTS. Hi again, I finally had some time to g

Re: [squid-users] Squid, Gmail.com and HSTS.

2015-06-10 Thread Michael Monette
_pattern .020%4320 - Original Message - From: "Amos Jeffries" To: "Michael Monette" Cc: "squid-users" Sent: Wednesday, May 27, 2015 7:14:57 PM Subject: Re: [squid-users] Squid, Gmail.com and HSTS. On 28/05/2015 6:33 a.m., Michael

Re: [squid-users] Squid, Gmail.com and HSTS.

2015-05-27 Thread Amos Jeffries
On 28/05/2015 6:33 a.m., Michael Monette wrote: > Yeah I don't know what I am doing wrong but I don't have these ACL types..Or > I am somehow not copy & pasting properly: > > FATAL: Invalid ACL type 'ssl::server_name' > FATAL: Bungled /etc/squid/squid.conf line 54: acl nobumpsites > ssl::server_

Re: [squid-users] Squid, Gmail.com and HSTS.

2015-05-27 Thread Amos Jeffries
On 28/05/2015 5:51 a.m., Michael Monette wrote: > Thanks for the reply. I am compiling the latest squid now and going to give > that a shot using ssl::server_name. The precompiled binary for CentOS was > only at 3.5.04 and didn't have ssl::server_name support I guess. > > While I have you here,

Re: [squid-users] Squid, Gmail.com and HSTS.

2015-05-27 Thread Michael Monette
: 24080 KB Page faults with physical i/o: 0 Did I miss something when compiling? I just followed what was on the Squid wiki. I am all out of ideas.. Thanks, Mike ----- Original Message - From: "Amos Jeffries" To: "squid-users" Sent: Wednesday, May 27, 2015 1:20:33 PM

Re: [squid-users] Squid, Gmail.com and HSTS.

2015-05-27 Thread Amos Jeffries
On 28/05/2015 4:15 a.m., Michael Monette wrote: > Has anyone been able to configure Squid in a way so that if you type https://gmail.com in your browser, you are NOT presented with the "OMG HSTS I refuse to load anything" page? When I go to https://gmail.com, I get an invalid certificate because th

Re: [squid-users] Squid, Gmail.com and HSTS.

2015-05-27 Thread Michael Monette
I just thought of something else. First of all I'm new to squid and I am not aware of 10% of the things its capable of yet so I will ask. Is squid capable of adding custom SNIs? Like could I have it so gmail.com is added to the certificate as a subject alternate name EVEN though the original c

[squid-users] Squid, Gmail.com and HSTS.

2015-05-27 Thread Michael Monette
Has anyone been able to configure Squid in a way so that if you type https://gmail.com in your browser, you are NOT presented with the "OMG HSTS I refuse to load anything" page? When I go to https://gmail.com, I get an invalid certificate because the cert is for mail.google.com, issued by my CA.