I misspoke. I am getting %ssl::>sni but not %ssl::<cert_subject or %ssl::<cert_issuer but then clients may not be sending certs out....
The doc says is supports server certs but using %ssl::>cert_subject and %ssl::>cert_issuer. gives me a parse error.... Note the "<" instead of the ">" On Thu, Sep 29, 2016 at 7:01 PM, Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 09/29/2016 04:50 PM, Michael Pelletier wrote: > > > I am trying to log some data during the ssl flow. > > > logformat custom ... %ssl::>sni %ssl::>cert_subject %ssl::>cert_issuer > > > > Yet I get nothing from any of the %ssl:: entries.... > > Do your users send certificates to Squid? If not, %ssl::>cert_subject > %ssl::>cert_issuer should be "-". These %codes are _not_ about the > origin server certificate. > > ssl::>sni is only available during certain SslBump steps. Do you use > SslBump? If yes, do you get the corresponding CONNECT entries in your > access log (there should be more than one CONNECT per SSL connection > IIRC)? What are your ssl_bump rules? > > Alex. > > -- *Disclaimer: *Under Florida law, e-mail addresses are public records. If you do not want your e-mail address released in response to a public records request, do not send electronic mail to this entity. Instead, contact this office by phone or in writing.
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
