Search squid archive

Re: What's the easiest way to allow direct HTTPS connection in Intercept mode?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 24/06/11 19:52, kkk kkk wrote:
Hi all,

I know the SSL issue has been beaten to death

I'm using DNS redirect to force my clients to use my intercept proxy.
As we all know, intercepting HTTPS connection is not possible unless I
provide a fake certificate. What I want to achieve here is to allow
all HTTPS requests connect directly to the source server, thus
bypassing Squid:

HTTP connection>  Proxy by Squid
HTTPS connection>  Bypass Squid and connect directly


I spent the past few days goolging and trying different methods but
none worked so far. I read about SSL tunneling using the CONNECT
method but couldn't find any more information on it.

Any takes on how to do this?

You need to know what the original IP should have been. Then NAT the traffic on port 443 back to that IP.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.12
  Beta testers wanted for 3.2.0.9 and 3.1.12.3


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux