Message: 5
Date: Wed, 2 Nov 2016 13:09:20 +1300
From: Amos Jeffries <squ...@treenet.co.nz>
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Can Squid communicate http to clients
connecting to https sites?
Message-ID: <ee0bea25-6a0b-0090-f23f-05bc8d51e...@treenet.co.nz>
Content-Type: text/plain; charset=utf-8
On 2/11/2016 12:55 p.m., vze2k3sa wrote:
> Hi,
>
> I have a question around have Squid which is configured to handle all
> company traffic to and from the web. When connecting to an SSL
> website, HTTP Connect is used. Can Squid be configured so all the
> inbound SSL traffic is SSL decrypted and send back to clients as clear text
> http traffic?
>The CONNECT message *is* clear-text HTTP. So already it is doing what you
>asked. But I think what you want is not want you are asking for.
>Squid supports receiving requests for https:// URLs from clients on regular
>TCP connections and will perform the HTTPS part for them.
>Squid also supports clients using TLS to connect to the proxy, then to pass it
>requests for https:// URLs. There is a sad lack of clients that support doing
>that though.
>If the client is performing TLS to the origin server, then no. You cannot
>reply with plain-text HTTP to them. Your only choice in that case is the
>SSL-Bump feature.
>Amos
Thanks Amos for the reply.
What I'm looking for is to send all client requests http and get replies back
as http where I don't care if the internet site requires SSL or not.
If a site does require SSL then can squid handles that where again the
responses back to the client are http.
-Patrick
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
