Re: https with squid

Márcio Luciano Donada wrote:
Chris Robertson wrote:

What you are attempting is called a man-in-the-middle attack. Transparent interception of HTTPS traffic is (by design) not possible. Squid 3HEAD includes a feature called sslbump
(http://wiki.squid-cache.org/Features/SslBump) that will facilitate the
interception and decryption of HTTPS traffic.


Hi Chris,

I am also conducting tests with sslbump, but redirecting HTTPS
connections to Squid in the firewall (iptables). I am using the
following in squid.conf:

http_port 3128 transparent sslBump cert=/etc/squid3/ssl/cacert.pem key=/etc/squid3/ssl/privkey.pem

Even directing the browser to the https proxy server's IP is not working.
Any ideas? I am using version 3.HEAD-CVS.

It is not possible to transparently proxy HTTPS through the http_port because the connection starts as SSL, not plaintext HTTP that the http_port expects.

You would need an https_port command, like:

https_port 3129 transparent sslBump cert=... key=...

and then set your iptables configuration to forward port 443 packets to squid's 3129 port for transparent HTTPS proxying.

Hope this helps,
Guy

--
Guy Helmer, Ph.D.
Chief System Architect
Palisade Systems, Inc.
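
The mismatch discussed in this thread can be checked mechanically by comparing the firewall redirects against the type of Squid port they land on. The following is an added example, not code from the thread or from the Squid project; the `eth0` interface, the iptables-save excerpt, the certificate paths and all function names are assumptions, and the `intercept` spelling used by later Squid releases is accepted alongside `transparent`.

```python
import re

# Constructed sample inputs: directive names and ports follow the thread;
# cert/key paths are placeholders and the iptables-save excerpt is assumed.
SQUID_CONF = """\
http_port 3128 transparent sslBump cert=/path/to/ca.pem key=/path/to/key.pem
https_port 3129 transparent sslBump cert=/path/to/ca.pem key=/path/to/key.pem
"""
IPTABLES_SAVE = """\
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3129
COMMIT
"""

def parse_ports(conf):
    """Return {port: (directive, set of lower-cased flags)} for *_port lines."""
    ports = {}
    for line in conf.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] in ("http_port", "https_port"):
            port = int(fields[1].rsplit(":", 1)[-1])   # accepts "ip:port" too
            flags = {f.split("=", 1)[0].lower() for f in fields[2:]}
            ports[port] = (fields[0], flags)
    return ports

def parse_redirects(rules):
    """Return {dport: to_port} for REDIRECT rules in iptables-save output."""
    pat = re.compile(r"--dport (\d+)\b.*-j REDIRECT --to-ports? (\d+)")
    return {int(m.group(1)): int(m.group(2))
            for m in map(pat.search, rules.splitlines()) if m}

def check(conf, rules):
    """List mismatches between intercepted traffic and the listening port type."""
    ports, findings = parse_ports(conf), []
    for dport, target in sorted(parse_redirects(rules).items()):
        directive, flags = ports.get(target, (None, set()))
        if directive is None:
            findings.append(f"{dport} -> {target}: no squid port listens there")
        elif dport == 443 and directive != "https_port":
            findings.append(f"443 -> {target}: {directive} expects plaintext HTTP, not SSL")
        elif not flags & {"transparent", "intercept"}:
            findings.append(f"{dport} -> {target}: port lacks the transparent flag")
    return findings

if __name__ == "__main__":
    print(check(SQUID_CONF, IPTABLES_SAVE) or "redirects match port types")
```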

