[squid-users] Questions Regarding Transparent Proxy, HTTPS, and ssl_bump

Squid 3.5.5 I seem to have some confusion about how acl lists are processed in squid.conf regarding the handling of SSL (HTTPS) traffic, attempting to use ssl_bump directives with transparent proxy. Based on available documentation, I believe my squid.conf is correct, however it never seems to ac

Re: [squid-users] Questions Regarding Transparent Proxy, HTTPS, and ssl_bump

oxy? WBR, Yuri 24.06.15 21:41, Tom Mowbray пишет: > Squid 3.5.5 > > I seem to have some confusion about how acl lists are processed in > squid.conf regarding the handling of SSL (HTTPS) traffic, attempting to use > ssl_bump directives with transparent proxy. > > Based on avail

Re: [squid-users] Questions Regarding Transparent Proxy, HTTPS, and ssl_bump

ur results in testing, however, have been less than promising. ----- Tom Mowbray *tmowb...@dalabs.com* *703-829-6694* On Wed, Jun 24, 2015 at 12:41 PM, Amos Jeffries wrote: > On 25/06/2015 3:41 a.m., Tom Mowbray wrote: > > Squid 3.5.5 > > > >

Re: [squid-users] Questions Regarding Transparent Proxy, HTTPS, and ssl_bump

allow ALL https without doing any filtering whatsoever. Thanks for the response. ------------- Tom Mowbray *tmowb...@dalabs.com* *703-829-6694* On Wed, Jun 24, 2015 at 1:31 PM, James Lay wrote: > On 2015-06-24 09:41 AM, Tom Mowbray wrote: > >> Squid 3.5.5 >>

Re: [squid-users] Questions Regarding Transparent Proxy, HTTPS, and ssl_bump

James, Thank for for your help. Now that I have a better understanding of how the https traffic is handled, I've been able to get things working as intended. ----- Tom Mowbray *tmowb...@dalabs.com* *703-829-6694* On Wed, Jun 24, 2015 at 2:05 PM, James Lay

[squid-users] Squid "bumping" traffic despite using "splice" directive

We're seeing some strange behavior where certain sites, especially those hosted by Google, including youtube.com, where the HTTPS traffic is being "bumped" and users are getting certificate errors with our self-signed certificate and CA appearing in the certificate details. What is strange is that

Re: [squid-users] Squid "bumping" traffic despite using "splice" directive

ide any additional info. For what it's worth, this is Squid 3.5.11 running on Debian. - Tom Mowbray *tmowb...@dalabs.com* *703-829-6694[image: http://www.dalabs.com] <http://www.dalabs.com>* On Thu, Nov 12, 2015 at 2:12 PM, Alex Rousskov < rouss..

Re: [squid-users] Squid "bumping" traffic despite using "splice" directive

For what it's worth, I was able to "fix" issue by adding "generate-host-certificates=off" to the end of my https_port configuration. It's not ideal (because I'm not sure why these sites don't splice correctly after being peeked on certain browsers), but it does cause the pages to time out rather t