Dwayne Hottinger wrote:
Quoting Mark Elsen <mark.elsen@xxxxxxxxx>:
I dont want to block all ssl sites. However, for some reason any url that
has
https: in it, doesnt go through the proxy
- It should, in the default settings; check access.log for the failing
URI's.
- Check cache.log , for further error info , if any.
...
M.
Mark,
Thanks for the insight. But I dont see any of the above in my cache.logs or my
access.log. I think my firewall rules are causing everything on port 443 to
bypass my filter. I have a rule for redirecting port 80 traffic to the proxy
server, but nothing for port 443. Im going to explore that unless someone has
a better idea.
thanks,
ddh
--
Dwayne Hottinger
Network Administrator
Harrisonburg City Public Schools
The subtle evils of intercepting proxies strike again. There is no way
to intercept https traffic (well, not without lots of warnings on the
client) because this is the very definition of a man-in-the-middle attack.
Chris
