> From: csn233 <csn233@xxxxxxxxx> >Sent: Monday, 29 July 2013 10:40 PM >Subject: Re: Basic questions on transparent/intercept proxy >On Sun, Jul 28, 2013 at 9:11 PM, Amm <ammdispose-squid@xxxxxxxxx> wrote: >> ----- Original Message ----- >> >>> From: csn233 <csn233@xxxxxxxxx> >>> To: "squid-users@xxxxxxxxxxxxxxx" <squid-users@xxxxxxxxxxxxxxx> >> >>>To intercept HTTPS traffic, is SSL-bump a must? Even when I only want >>> to record the CONNECT traffic in access.log just like a normal forward >>> proxy without decrypting anything? >> >> No. But it will log only IPs not the host name or URL. >> >> Amm >No, as in ssl-bump is not a requirement for HTTPS traffic to be >logged? Your answer seems to be different from other replies. Can you >provide examples of how? I am not sure if I understood your previous question right. I think what others said is right. Here is what I have done. (simplified version) https_port 8081 intercept ssl-bump generate-host-certificates=on cert=/etc/squid/ssl_cert/squid.pem #ssl_bump none all #<--- this line is not required So ssl-bump as a keyword is required on https_port but you dont need ssl_bump ACL line (by default it bumps nothing). Traffic will be logged just as IP. (Not actual hostname) Regards, Amm.
