Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-21 Thread Amos Jeffries
On 21/11/2016 11:44 p.m., Patrick Chemla wrote: > Hi Alex, and all others > > No I have set it for multiple domains, and it works really fine. Again > many thanks. > > But I have a new demand: > > Within one of the sites, where squid handles the https connection then > communicates with internal V

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-21 Thread Patrick Chemla
Hi Alex, and all others No I have set it for multiple domains, and it works really fine. Again many thanks. But I have a new demand: Within one of the sites, where squid handles the https connection then communicates with internal VM through http, there is one (at least, maybe we will find ot

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-17 Thread Alex Crow
On 17/11/16 18:11, Patrick Chemla wrote: > > Hi Alex, sorry for disturbing, but it works with > > https_port 5.39.105.241:443 accel defaultsite=www.sempli.com > cert=/etc/squid/ssl/sempli.com.crt > key=/etc/squid/ssl/sempli.com.key > > Many, many, many Thanks for valuable help. > > Pa

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-17 Thread Patrick Chemla
Hi Alex, sorry for disturbing, but it works with https_port 5.39.105.241:443 accel defaultsite=www.sempli.com cert=/etc/squid/ssl/sempli.com.crt key=/etc/squid/ssl/sempli.com.key Many, many, many Thanks for valuable help. Patrick On 17/11/2016 at 19:48, Patrick Chemla wrote: H

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-17 Thread Patrick Chemla
Hi Alex, I followed the http://wiki.squid-cache.org/SquidFaq/ReverseProxy I am getting errors when trying to connect. What could it be? This is the config: Is there something bad there? == debug_options ALL,1 33,2 28,9 http_port 5.39.105.241:443 accel d

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Patrick Chemla
Many Thanks Alex. I will try in the next hours and let you know if I am successful. Patrick On 16/11/2016 at 20:04, Alex Crow wrote: On 16/11/16 17:33, Patrick Chemla wrote: Thanks for your answers, I am not doing anything illegal, I am trying to build a performant platform. I have a big serv

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Alex Crow
On 16/11/16 17:33, Patrick Chemla wrote: > Thanks for your answers, I am not doing anything illegal, I am trying to > build a performant platform. > > I have a big server running about 10 different websites. > > I have on this server virtual machines, each specialized for one-some > websites, a

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Patrick Chemla
Thanks for your answers, I am not doing anything illegal, I am trying to build a performant platform. I have a big server running about 10 different websites. I have on this server virtual machines, each specialized for one-some websites, and squid helps me to send the traffic to the destinatio

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Amos Jeffries
On 16/11/2016 9:11 p.m., Patrick Chemla wrote: > Hi, > > I have the same problem, and I need to use trusted CA certificates, so what > is the solution? Not to do illegal bad things that violate your contract with the CA. Any CA which lets you intercept traffic by generating sub-certificates with the

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Alex Crow
I'm not sure what you are trying to do. It sounds like you're running a reverse proxy, which has nothing to do with SSL bump or peek/splice.

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Alex Crow
That's why you gain their consent when they sign their employment contract.

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-16 Thread Patrick Chemla
Hi, I have the same problem, and I need to use trusted CA certificates, so what is the solution? I have a squid 3.5.20 used for multiple domains, multiple backends, using both HTTP and HTTPS. Actually, the HTTP configuration is OK, the backends are OK with HTTPS, trusted certificates, verified

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Yuri Voinov
15.11.2016 22:28, Alex Crow wrote: > On 15/11/16 16:22, Yuri Voinov wrote: >> >>> You can if you have control over the clients, ie install your CA into >>> the browser/OS. >> ... and this can be illegal ;) >> > > YMMV (depending on where you live/work)! AFAIK Spying for users without their agreeme

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Alex Crow
On 15/11/16 16:22, Yuri Voinov wrote: You can if you have control over the clients, ie install your CA into the browser/OS. ... and this can be illegal ;) YMMV (depending on where you live/work)!

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Yuri Voinov
15.11.2016 20:43, Alex Crow wrote: > > > On 15/11/16 14:28, Yuri Voinov wrote: >> >> >> So, you can't do SSL bump without users notification. > > You can if you have control over the clients, ie install your CA into > the browser/OS. ... and this can be illegal ;) > > Alex > -- > This message is

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Alex Crow
On 15/11/16 14:28, Yuri Voinov wrote: So, you can't do SSL bump without users notification. You can if you have control over the clients, ie install your CA into the browser/OS. Alex

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Alex Crow
On 15/11/16 14:22, Sergio Belkin wrote: Hi, When using something like that: http_port 8080 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/home/proxy/ssl_cert/example.com.cert key=/home/proxy/ssl_cert/example.com.private Is it possible to use a certific

Re: [squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Yuri Voinov
15.11.2016 20:22, Sergio Belkin wrote: > Hi, > > When using something like that: > > http_port 8080 intercept ssl-bump generate-host-certificates=on > dynamic_cert_mem_cache_size=4MB > cert=/home/proxy/ssl_cert/example.com.cert > key=/home/proxy/ssl_cert/example.com.private > > > Is it possible to u

[squid-users] Trusted CA Certificate with ssl_bump

2016-11-15 Thread Sergio Belkin
Hi, When using something like that: http_port 8080 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/home/proxy/ssl_cert/example.com.cert key=/home/proxy/ssl_cert/example.com.private Is it possible to use a certificate generated by a trusted CA? Thanks in adv