On Thu, 2008-10-09 at 08:53 -0700, Puze Yang wrote: > Please bear with me as I am new to the proxy server filed and my question must be a basic one. > For re-branding purpose, in a intranet environment, a HTTPS requests from Client browser is > sent to the Proxy Server, and the Proxy Server in turn request a HTTPS page > from an internal Web Server. > Once the content retrieved from the Web Server, the Proxy Server needs > to replace some particular texts, and then send the modified content to > the Client. > > The question is, whether HTTPS traffic can be "changed" by using Squid > or do you know any other software may do? Squid can change HTTPS traffic if (a) end user allows it to do so and (b) there is some software that does content adaptation on the decoded traffic. For more information, including many caveats, please see http://wiki.squid-cache.org/Features/SslBump http://wiki.squid-cache.org/Features/DynamicSslCert and http://wiki.squid-cache.org/SquidFaq/ContentAdaptation If you are using Squid as a reverse proxy (a.k.a., accelerator or surrogate -- clients are thinking that your Squid is the origin server), then you do not need the SslBump component. HTH, Alex.
