Search squid archive

Re: HTTPS traffic in normal transparent proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 






Thanks Henrik.

i tried with

https_port 0.0.0.0:3129 transparent cert=/usr/local/squid/CA/servercert.pem key=/usr/local/squid/CA/serverkey.pem

But not working...

My problem is i want to block some sites like gmail.com.

I have an acl for blocking. it works only for http://gmail.com

not https://gmail.com

Help me..

how to resolve this...

On ons, 2008-10-15 at 03:01 -0400, viveksnv@xxxxxx wrote:

I need to handle the HTTPS request(443) in squid transparent proxy.

Ouch. You are aware that this is not possible without acting as a
man-in-the-middle, sending invalid certificates to the browsers? And
that the users no longer will be able to verify the contacted servers
certificate?

I am using squid 3.0.

http_port 3128 transparent

https_port 3129.

https_port needs a certificate specified.

Forward the 80 port request to 3128 and 443 port to 3129.

Ok.

In debugging mode, squid ready to handle the HTTPS requests.But not
working. ( Error : take long time and time out)

And also i tried with

https_port 0.0.0.0:3129 cert=/usr/local/squid/CA/servercert.pem
key=/usr/local/squid/CA/serverkey.pem

You also need to enable transparent interception (transparent option),
just as you did for http_port. If not Squid assumes it's a normal proxy
port.

Regards
Henrik






________________________________________________________________________
You are invited to Get a Free AOL Email ID. - http://webmail.aol.in


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux