Search squid archive

RE: intercepting SSL connections with client certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Eliezer,

I need access log with url and time taken by the server for debugging some
issues. I will be intercepting SSL only for a week or so till the issue is
resolved.

Regards,
Shinoj.

-----Original Message-----

From: Eliezer Croitoru [mailto:eliezer@xxxxxxxxxxxx]
Sent: Tuesday, November 19, 2013 8:01 PM
To: squid-users@xxxxxxxxxxxxxxx
Subject: Re:  intercepting SSL connections with client
certificate

Hey Shinoj,

Your problem is not your own.
The main issue with SSL is even intercepting it.
I would not just say it on the law side of the matter.

One of the issues is that SSL should be and end-to-end connection.
In infrastructure that a SSL encryption is enabled the SSL end point in
many cases do that as a SSL dedicated HW\SW node.
Behind a SSL reverse proxy there can be a whole new Internet for example.

So breaking the SSL is as you see a very complicated task.
I would assume that when SSL interception is being done it means that
these connections needs inspection and it is possible that a client
certificate is not even allowed as a policy.

I can think of a VPN solutions that use client side certificates.

In this case I would assume that access to encrypted information from
inside this place will be so restricted that only system and engineering
staff will be allowed to access some places.

Best Regards,
Eliezer

On 19/11/13 15:39, Shinoj Gangadharan wrote:
> I guess I am stuck:)
>
> Thanks and Regards,
> Shinoj.




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux