On 10/07/2013 03:29 AM, Jury Bogdanov wrote: > Hello. I have some problems with ssl-bump mode. Can you help me, please? > My configuration: > https_port 192.168.56.100:3130 transparent ssl-bump > generate-host-certificates=on dynamic_cert_mem_cache_size=4MB > cert=/home/mut/squid.pem key=/home/mut/squid.key > acl vk dstdomain .vk.com > ssl_bump server-first vk > http_access deny vk all > But I can open https://vk.com Perhaps Squid does not receive HTTPS traffic at all? Check access.log while requesting https://vk.com When you open https://vk.com, do you see Squid CA certificate or the well-known Root CA certificate? If it is the former, then Squid bumped the connection (but allowed the request). If it is the latter, then Squid did not bump the connection (see above regarding determining whether Squid received the connection in the first place). HTH, Alex.
