Search squid archive

Re: squid 3.0.19 + transparent + sslbump

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Leonardo Carneiro - Veltrac wrote:

Amos Jeffries wrote:
Some factums worth knowing:

* 3.0 does not support sslBump or any other form of HTTPS man-in-middle attacks. 3.1 is required for that.

* sslBump in 3.1 requires that the client machines all have a CA certificate installed to make them trust the proxy for decryption.

* sslBump requires clients to be configured for using the proxy. (Some of the 'transparent' above work this way some do not.)

Amos
Hi Amos. What is the vantage of use sslBump if I cannot use a transparent proxy with it? Is the ability to cache SSL content?
Tks in advance.

Somewhat. Mostly for corporate networks AV scanning or filtering HTTPS connections.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE8 or 3.0.STABLE25
  Current Beta Squid 3.1.0.18

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux