On 6/10/20 1:35 pm, Nisa Balakrishnan wrote:
> Hi,
>
> I am trying to allow access for only tls versions 1.2 and above on Squid
> 3.5.20
>
Note that "above 1.2" are not supported by that ancient version of
Squid. Your test disables everything except SSLv1 code in the library.
> For testing pur
Hi,
By default, Squid accepts SSL connection only to port 443.
Are there any security concerns when need to accept HTTPS connections
on other ports?
Thank you,
Ronan
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache
Thanks Amos.
I have verified that squid build is done with openssl that supports 1.2 but
not 1.3.
I am worried that squid does not pass the flag set via options.
I am able to lock squid to tls 1.2 only with sslproxy_version
To be a bit more clear, the squid implementation is a whitelist filtering
On 7/10/20 2:16 pm, Ronan Lucio wrote:
> Hi,
>
> By default, Squid accepts SSL connection only to port 443.
You are referring to the SSL_ports ACL ?
That does not mean accepting SSL connections. Only that the port is
known to be used primarily for SSL. So that opening opaque CONNECT
tunnels ther
