Oh I see, I won't bother then, was just for a experience. But anyway, since I'm only passing traffic from 80 through squid, I want to add 443 traffic also. What aspects do I have to concerns about this, on how to active transparent mode for 443? > -----Original Message----- > From: Amos Jeffries [mailto:squid3@xxxxxxxxxxxxx] > Sent: domingo, 26 de Abril de 2009 1:56 > To: Jorge Bastos > Cc: squid-users@xxxxxxxxxxxxxxx > Subject: Re: Squid on transparent proxy for 443 request > > Jorge Bastos wrote: > > Hi there, > > What are the concerns that I need to have to make squid act as a > transrent > > proxy on port 443? > > I need to catch the data that is being sent from a website that works > under > > https, is it possible? Data > > > > Right now I only use it for standard port 80. > > > > Not possible. HTTPS guarantees the client can see 100% of the machines > for itself to the source. > > One user has recently pointed out that redirecting HTTPS URL's to a > local domain reverse-proxied by Squid might work though. The client > believes and accepts Squid credentials as its proper destination site > and Squid handles decryption->re-encryption going HTTPS to the remote > site. > > That is very similar to how SSLBump works with CONNECT requests in 3.1. > But may get past the invalid certificate issues. > > Amos > -- > Please be using > Current Stable Squid 2.7.STABLE6 or 3.0.STABLE14 > Current Beta Squid 3.1.0.7
