-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 9/01/2015 11:45 p.m., Yuri Voinov wrote: > > I have working production 3.4.10 with working ssl bumping. > > Config was the same as working 3.4.10. I've just want to take a > look on new release. > > in squid.documented said, than backward compatibility server-first > and none options for ssl_bump are kept. > > But: > > Neither works with old syntax, nor new. > > Looks like target https hosts not resolved and bump got only IP. The config values are still accepted, but there is an extra bumping stage now before the SNI is available. You are wanting to peek at stage 1 (to get the client SNI details) and server-first/splice at stage 2 (using the domain). Otherwise All Squid works with when intercepting are the TCP IPs. Amos -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUr7QWAAoJELJo5wb/XPRjH3UH/RgN6NVH76gyTpHjR5sEWwJe fXWo9LA2sxr/eNGsRLs6/6/LpETVLW7Zq5hGJ8eq6EzHs/htYfCD5nsJHFmPUsRs Jln8LiifwCvb7aErH9oeIgjnexC2qAjuAvDZIWpntVFUPwg7R52/CyMZbLMk6czm egQNVBjBPzbI4dYgBJwwdyUMbr8zDpDq4z0QL+4ESKt87KKpTvupUhByJ8mdv1Gw cZgTaqG2fC5GCuJ2dajuv8iKtVR1Ij6+iFYmz9dzWu+T3CQds4uTTWkuumjlI3L9 4UOf/T8mgMks9HQZ+muGltnmVdM0M7Mc3JexB1JKK4ELUmswN1oTDEdUOiMTLTE= =qZfl -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
