On 01/19/2010 05:57 PM, Dimitri Syuoul wrote: > Thank you... for the inmense amount of users who have been waiting > years.. is there any opportunity that you can release a patch to the > stable version for this feature to be enabled.. so that we dont have > to compile the 3.1 beta? Sorry, but our cycles are probably better spent on moving forward than on backporting. I hope there are are even more users waiting for other features on the to-do list. > Do you know of any opensource alternatives to this solution? Not sure what you mean. SSL Bump is open source; it is a part of Squid. The new dynamic SSL certificate generation code will be submitted for the Squid Project review shortly as well. I am waiting for the final round of test results to post the patch to squid-dev. Cheers, Alex. > On Tue, Jan 19, 2010 at 5:38 PM, Alex Rousskov > <rousskov@xxxxxxxxxxxxxxxxxxxxxxx> wrote: >> On 01/13/2010 10:30 AM, Dimitri Syuoul wrote: >>> Hello, >>> >>> Ive been reading over this new feature. It is unclear to me if this >>> can be used for transparently proxying SSL (by this I mean not >>> configuring any proxy in the computers of the clients.. it is ok if >>> clients get cert warnings). >> Yes, SSL Bump can be used in a transparent environment. >> >> Due to a large number of certificate warnings, complex sites that use >> multiple secure servers on one page are barely usable without dynamic >> SSL certificate generation though. >> >> HTH, >> >> Alex.
