On 31/08/2013 4:15 p.m., junio wrote:
staff finished compiling the squid version 3.1 on debian Wheezy with ssl support (--enable-ssl --enable-ssl-crtd ...), with the main aim of blocking sites that use this type of connection, but not I have the slightest idea of how to start the configuration, I have several questions the first one and if I have to redirect traffic from port 443 to port 3128 with iptables, or is not necessary?, the second doubt is, what the syntax of new acls?, eg acl ssl_bump and other podecem would greatly appreciate if you guys send me an example of the configuration file.
There are major security and reliability issues in the experimental SSL bumping in 3.1 version. Please instead use at least 3.2.13 and preferrably the latest 3.3 release where most of the security issues have been resolved.
Amos