Help with server-first and mimic server certificate


Hi,
      I have been trying to set up squid which can intercept https
traffic without client (read it as browser proxy) changes. I am using
the latest squid 3.3.1. When I actually open a https site I still see
the certificate with the parameters I provided (for myCA.pem) and I
don't see any of the original certificate's properties being mimicked.
I have listed my config below. Please let me know whether I am missing
anything. Pardon me if I am overlooking any config. I am relatively new
to squid.

My iptables config:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:www redir ports 3128
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:https redir ports 3129


My Squid config:

http_access deny all
always_direct allow all
ssl_bump server-first all

# Squid normally listens to port 3128
http_port 3128 transparent
https_port 3129 intercept cert=/etc/squid/ssl_cert/myCA.pem ssl-bump

#icap settings
icap_service    service_url_check reqmod_precache bypass=on icap://127.0.0.1:1344/url_check
icap_enable on
icap_preview_size 128
icap_service_failure_limit -1
icap_preview_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Authenticated-User
icap_client_username_encode on
adaptation_service_set  class_url_check  service_url_check
adaptation_access  class_url_check  allow all

 Thanks & Regards,
Prasanna