Thanks for answers. To isolate the IP's I need to know all of them. But I don't know all IP's. Some domains have a lot of IP's. Squid can't resolve the IP's? 2013/10/8 Amos Jeffries <squid3@xxxxxxxxxxxxx>: > On 8/10/2013 8:07 a.m., Jury Bogdanov wrote: >> >> Yeah, you was right. When I replaced >> ssl_bump server-fist vk >> >> With >> ssl_bump server-first all >> it works. But I can't understand how to fix that. I don't want bump >> all connections. > > > That change was just a test to verify Alex theory was correct. > > For the final config you need to find some ACL condition or test that > matches the traffic you want to match. You can do so with mutiple ssl_bump > lines and/or ACLs if necessary. > > The specifics are up to you, but it sounds like to need to isolate the IP's > for that domain and permit bumping for them as well as for its domain name. > > Amos
