Hi Amos, If you need something to take a look let me know. Thanks Josep -----Mensaje original----- De: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] En nombre de Amos Jeffries Enviado el: domingo, 19 de octubre de 2014 22:32 Para: squid-users@xxxxxxxxxxxxxxxxxxxxx Asunto: Re: windowsupdate and ssl_bump -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 18/10/2014 8:56 p.m., Josep Borrell wrote: > Hi, > > We are using a 3.4.8 squid Proxy in intercept mode via wccp. Squid > intercepts HTTP and HTTPS via ssl_bump. All is working fine except > that Windows Machines can't do a Windows Update. It is not working at > all giving an error 80072F8F with HTTPS redirection disabled all work > fine. > > Someone knows how to maintain the SSL interception with a functional > Windows Update ? Windows Update has always done a "call home" CONNECT rquest to port 443 to verify the licensing or something. It may or may not actually be HTTPS. I would look into what is happening with those requests with your bumping setup. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJURB+6AAoJELJo5wb/XPRjGzQH/jOWkNZMTRIL0X87hmPLYjEd L1qoE4F+/Phh+d3aMl9EJxhdWQ6BuYOdNGTrL1Jpq4/37xFxUj3vCuZ638iY6Mad ETQYTwb1oiX5vzJs0P/VaswJeQ36pR5yAMP0RmS3Y2uBTxeD9kSjQLwiwezt0BKI obUqwJHcGS+K8CXsLfJle4ivIDkOy+BNFt/ujOYjjQ8UaY1Sg2GLZU2rtCFOoqav 05p62E4/jVkrBUP7o4AXFJADXHjaH/73FB/XY517vWp8R181xz6eWYcbkF8zdhzA TixCnmt83mJEH5AdkNpl4IRRzaIPP4KsBTUUE4LN9cHH/ZS9ZQHPc2bKVVjr/aU= =g5io -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
