Thank you very much Amos and Alex for the helpful explanations, high level
of detail, and for tracking down that this combo is not possible at this
time.
We're going to evaluate what to do next with this info. I'll probably be
following up with more questions soon.
-M
On Fri, Jun 2, 2017 at 9:05
On 06/01/2017 01:26 PM, Alex Rousskov wrote:
> On 06/01/2017 11:29 AM, Alex Rousskov wrote:
> * HTTPS proxy is a rarely used feature that works well for some.
> * SslBump is a frequently used feature that works well enough for some.
> Disclaimer: I do not know of anybody using the _combination_ o
On 06/01/2017 11:29 AM, Alex Rousskov wrote:
> On 05/31/2017 08:15 PM, Masha Lifshin wrote:
>> If we want to only allow encrypted traffic between the browser and
>> proxy, does that mean we'd only want to use the following line from your
>> example?
>> # HTTPS proxy; clients establish TLS connecti
On 05/31/2017 08:15 PM, Masha Lifshin wrote:
>
> Sorry for the imprecise language, I mean not interception but rather
> accepting connections to that port. Our browsers will be explicitly
> configured to connect our proxy, so I believe that is not interception?
You are correct. It is explicit pr
On 01/06/17 14:15, Masha Lifshin wrote:
Thank you, very helpful. Some more clarifying questions for you.
Sorry for the imprecise language, I mean not interception but rather
accepting connections to that port. Our browsers will be explicitly
configured to connect our proxy, so I believe that
Thank you, very helpful. Some more clarifying questions for you.
Sorry for the imprecise language, I mean not interception but rather
accepting connections to that port. Our browsers will be explicitly
configured to connect our proxy, so I believe that is not interception?
If we want to only al
On 05/31/2017 02:42 PM, Masha Lifshin wrote:
> What I am trying to achieve is
> 1. an https connection between the client and squid proxy, as well as
> 2. listen on port 80 for http traffic,
> 3. on port 443 for ssl traffic, and
> 4. apply ssl-bump to the ssl traffic.
If I parsed your quer
Dear Alex,
Thank you very much for your helpful reply.
I have a follow up question. What I am trying to achieve is an https
connection between the client and squid proxy, as well as listen on port 80
for http traffic, on port 443 for ssl traffic, and apply ssl-bump to the
ssl traffic. I am havi
On 05/26/2017 12:00 AM, Masha Lifshin wrote:
> I have added an https_port directive
> to squid.conf, but it must be misconfigured.
> http_port 172.30.0.67:443 ...
> https_port 172.30.0.67:443 ...
You are right -- your Squid is misconfigured. You cannot use the same
address for two ports. Unfortun
