Hey there, This was asked in the past month twice if i'm not wrong.In the stage when you use ssl_bump.. squid dosn't have any sense of dstdomain. Means that when squid bumps and knows the site name the connection is already bumped and knows about it but when you want to apply a whitelist squid only works on the IP level.
So instead use iptables and\or squid "dst" as a whitelist level. Eliezer On 05/02/2014 12:21 AM, Ikna Nou wrote:
acl broken_sites dstdomain "/etc/squid3/acl/ssl_whitelist.acl"
