is it best to put my "ssl bump" and "no ssl interception" rules under
# Recommended minimum Access Permission configuration: or # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS #SSL Bump http_port 3128 ssl-bump cert=/usr/local/squid/etc/ssl_cert/myCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB sslcrtd_program /usr/local/squid/libexec/security_file_certgen -s /var/lib/ssl_db -M 4MB acl step1 at_step SslBump1 ssl_bump peek step1 ssl_bump bump all #NO SSL Interception acl DiscoverSNIHost at_step SslBump1 acl NoSSLIntercept ssl::server_name "/usr/local/squid/etc/pubkey.txt" ssl_bump splice NoSSLIntercept ssl_bump peek DiscoverSNIHost ssl_bump bump all thanks, rob -- Regards, Robert K Wild.
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
