On Wed, Feb 28, 2018 at 06:43:50PM -0300, Marcelo Ricardo Leitner wrote:
> On Wed, Feb 28, 2018 at 10:23:31PM +0100, Nicolas Kovacs wrote:
> > Hi,
> >
> > I've been running Squid successfully on CentOS 7 (and before that on 6
> > and 5), and it's always been running nicely. I've been using it mostly
> > as a transparent proxy filter in school networks.
> >
> > So far, I've only been able to filter HTTP.
> >
> > Do any of you do transparent HTTPS filtering ? Any suggestions, advice,
> > caveats, do's and don'ts ?
>
> I did some experiments ~2 weeks ago. It worked, but I still need to
> work on the certificates. Squid will re-issue certificates for those
> connections that it intercepts, and if the browser doesn't recognize
> the CA, it's going to scream out loud. For the test, I imported my
> test CA in the browser and then was completely transparent. Not sure
> if there is a way to avoid this. I hope not, actually.
https://smoothnet.org/squid-proxy-with-ssl-bump/
was of good help to me, btw.
Marcelo
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
