Maybe try url_rewrite_program? See: http://www.visolve.com/squid/squid26/externalsupport.php#url_rewrite_program On Tue, Nov 19, 2013 at 9:54 AM, Shinoj Gangadharan <sgangadharan@xxxxxxxxxxxx> wrote: > Hi Eliezer, > > I need access log with url and time taken by the server for debugging some > issues. I will be intercepting SSL only for a week or so till the issue is > resolved. > > Regards, > Shinoj. > > -----Original Message----- > > From: Eliezer Croitoru [mailto:eliezer@xxxxxxxxxxxx] > Sent: Tuesday, November 19, 2013 8:01 PM > To: squid-users@xxxxxxxxxxxxxxx > Subject: Re: intercepting SSL connections with client > certificate > > Hey Shinoj, > > Your problem is not your own. > The main issue with SSL is even intercepting it. > I would not just say it on the law side of the matter. > > One of the issues is that SSL should be and end-to-end connection. > In infrastructure that a SSL encryption is enabled the SSL end point in > many cases do that as a SSL dedicated HW\SW node. > Behind a SSL reverse proxy there can be a whole new Internet for example. > > So breaking the SSL is as you see a very complicated task. > I would assume that when SSL interception is being done it means that > these connections needs inspection and it is possible that a client > certificate is not even allowed as a policy. > > I can think of a VPN solutions that use client side certificates. > > In this case I would assume that access to encrypted information from > inside this place will be so restricted that only system and engineering > staff will be allowed to access some places. > > Best Regards, > Eliezer > > On 19/11/13 15:39, Shinoj Gangadharan wrote: >> I guess I am stuck:) >> >> Thanks and Regards, >> Shinoj.
