On 7/03/2017 5:41 a.m., Eliezer Croitoru wrote:
> Hey,
>
> There was something about it but I believe it's only on squid version 4.0.X.
FTR; Squid-4 brings the ability to tunnel Skype clients that were using
something that looked a bit like TLS but wasn't (along with the many
port 443 non-TLS us
nux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il
From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf
Of Hanoch Hanoch K
Sent: Monday, March 6, 2017 3:47 PM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Ssl bump tunneling connection by us
On 03/06/2017 06:46 AM, Hanoch Hanoch K wrote:
> However skype's client app uses client certificates that don't have SNI.
SNI is not a property of a client certificate. It is a property of a
client Hello message. I do not know whether some Skype clients do not
send SNI with their Hellos, but I wa
Greetings
We're using Squid 3.5.19 with ssl bump,
and we want to tunnel (not bump) applications such as skype, that use
pinned ssl,
so we defined an acl for splicing skype's ssl_server_name.
However skype's client app uses client certificates that don't have SNI.
The only way to identify skype is
