Re: Squid and HTTPS interception on CentOS 7 ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Wed, Feb 28, 2018 at 10:23:31PM +0100, Nicolas Kovacs wrote:
> Hi,
> 
> I've been running Squid successfully on CentOS 7 (and before that on 6
> and 5), and it's always been running nicely. I've been using it mostly
> as a transparent proxy filter in school networks.
> 
> So far, I've only been able to filter HTTP.
> 
> Do any of you do transparent HTTPS filtering ? Any suggestions, advice,
> caveats, do's and don'ts ?

I did some experiments ~2 weeks ago. It worked, but I still need to
work on the certificates. Squid will re-issue certificates for those
connections that it intercepts, and if the browser doesn't recognize
the CA, it's going to scream out loud. For the test, I imported my
test CA in the browser and then was completely transparent. Not sure
if there is a way to avoid this. I hope not, actually.

  Marcel
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]

  Powered by Linux