Dear Amos & eliezer all i need right now is just having it work , since Iām not interested in caching and i can accept the low security affect .
can i keep on squid 3.5 and do the idea of eliezer that is ā"bypassing squid SSL unwrapping.āā ?? thank you > On Jun 21, 2016, at 11:31 AM, Amos Jeffries <squ...@treenet.co.nz> wrote: > > On 21/06/2016 9:43 a.m., --Ahmad-- wrote: >> Hi , >> i have squid that is working on 3.5 . >> traffic of t 80 and 443 traffic to Squid via IPTables. >> >> Squid then passes traffic to ClamAV via C-ICAP. Squid is configured to >> intercept all SSL traffic and PKI has been setup and distributed to all >> clients. >> >> we have a problem in Skype of Business (Office 365) and Slack (Chat app) >> seems its broken from squid intercept. > > * Skype uses a protocol which appears very much ike TLS/SSL. But is not. > So it usually breaks when treated as TLS. > > * Office 365 uses a non-HTTP protocol (RTP, RPC) inside its TLS. So > Squid cannot SSL-Bump it. > > * I imagine that Slack probably does not use HTTPS as well, but some > other chat protocol. > > For all of the above you will probably need the on_unsupported_protocol > feature in Squid-4. > > Amos > > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users