On 07/14/2018 03:34 PM, Dirk Gottschalk via users wrote:
To answer your question. Squid can do this for you. You can make it
decrypt the data end encrypt it with a certificate issued by yourself.
AFAIK you should even be able to let squid log what happens on the
https connection.
It should also be possible to use Apache as a reverse proxy to do the
same. Probably even without the need to encrypt the connection on "your
side".
I think this is the right document for Squid:
https://wiki.squid-cache.org/Features/SslPeekAndSplice
I don't see any document describing a similar feature in Apache. The
normal mode of operation for proxy servers is to tunnel the TLS
connection, so a standard HTTP proxy won't be able to inspect encrypted
connections.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx/message/CELH6QTBMJCBNH2MPVQQYQ65ZH5XUF7N/