Hi Elijah, On Thursday 18 May 2006 14:43, Elijah Alcantara wrote: > Hi, > > I've been trying to setup transparent proxy and it seems to be working > for most sites except for those that have secure logins > (mail.yahoo.com, gmail, sourceforge), could this be that ssl thing at > work here? (sorry, I'm quite new to this ssl thing) Is it required for > the squid proxy server to have --enable-ssl working so that clients > can open those sites ? > > I noticed that manually setting proxy at the browser will enable > opening of ssl sites, but leaving it with no proxy will cause the page > to just simply load forever (transparent proxy's side). https and transparent proxying (or interception proxying) is not possible by design. > I'm asking this 'cause I'm having a bit of a trouble producing those > certificates & keys, gives me some weird error & stuff... That would be what is called "man-in-the-middle attack" ... Search the mailing lists archive, you'll find a lot of discussions on this there. Regards, Peter -- Peter Albrecht, Novell Training Services, peter.albrecht@xxxxxxxxxx
