On 22/04/2015 1:31 p.m., Alex Samad wrote: > I presume ssl proxy (peek/splice) doesn't work with client certs ?
peek/splice works with client certs. peek to get the SNI and other publicly available details from TLS then splice to pass that client data to the server is precisely the feature designed to cope with client certs, unknown ciphers and other issues. NP: splicing is *not* decrypting the traffic. *bump* action (or the deprecated client-first/server-first) is the one that will not work properly with client certs. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
