Search squid archive

sslbump and cache_peer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm trying to setup sslbump in combination with a parent proxy. 

Here a short drawing:

Client  ---- my proxy (with sslbump) ---- parent proxy  ---- internet


Unfortunately the parent proxy isn't able to handle the requests from my proxy and returns a "bad request" error message.

As soon as I activate sslbump, my proxy sends out the requests to the parent proxy in the form:

GET https://www.destination.com

The parent proxy isn't able to handle this as it cannot work as an ssl proxy. I also can't change the configuration of the parent proxys. So my proxy has to send you the request in the form:

CONNECT www.destination.com:443

and do the rest by itself. I couldn't find any hint how to configure this.

This are the appropriate sections of the configuration:

http_port 3128 sslBump cert=/etc/squid/bump.pem key=/etc/squid/bump.key
ssl_bump allow all
cache_peer parent1  parent 3128 0 no-query 
cache_peer_access parent1  allow all
never_direct allow all
sslproxy_cert_error allow all


Any comment is highly appreciated!


Regards
Ben




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux