Hi.
On 12.11.2015 0:06, Eugene M. Zheganin wrote:
> So, the user starts it's browser and opens the URL 'https://someurl'.
> And this URL matches both 'block' and 'blockssl' ACLs, one I created for
> you know... usual matching and one - for sslBump, since dstdomain ACLs
> cannot work there. So, the
Hi.
On 11.11.2015 23:44, Amos Jeffries wrote:
> Proxy-authentication cannot be performed on MITM'd traffic. That
> includes SSL-bump decrypted messages.
>
> However, unlike the other methods SSL-bump CONNECT wrapper messages in
> explicit-proxy traffic can be authenticated and their credentials
>
On 12/11/2015 7:12 a.m., Eugene M. Zheganin wrote:
>
> As soon as I add sslBump, everything that is bumped, starts to be
> blocking by 'http_access deny unauthorized' (everything that's spliced
> works as intended). And I completely cannot understand why. Yes, I can
> remove this line, but this wa
Hi.
I have configured simple ssl peek/splice on squid 3.5.10 for some simple
cases, but in my production, where configs are complicated, it doesn't
work as expected - somehow it interferes with authentication.
Suppose we have a config like:
===Cut===
acl freetime time MTWHF 18:00-24:00
acl foo
