On 3/04/21 4:13 pm, Majed Zouhairy wrote:
hmm, thank you both.. i regenerated new certificates using Eliazer's method and now squid restarted but it is refusing connections..

What is the error happening now?

i normally configure port 8080 as the proxy port in the browser, and i am thinking there needs to be another port for ssl bumping?

No. SSL-Bump as you have it configured intercepts the CONNECT traffic the browser send to normal proxy port.

now the configuration is like this:

http_port 8080 ssl-bumpĀ  cert=/etc/squid/certs/myCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB

ssl_bump peek all
ssl_bump splice all

# Uncomment and adjust the following to add a disk cache directory.
# Updates: chrome and acrobat

NP: the comment above is about the cache_dir line. You can remove it.

squid-users mailing list

Reply via email to