Hello,
Thank you to everyone who works on this great project! I have been using Squid as an intercept for a while now and am very happy.
I have a high level question regarding SSL_Bump.
My company recently switched to using SSL for our web services, which requires me to make some changes to the way that we use Squid.
I have a need to place a header value into requests coming to our own domain (ex. https://www.myhost.com) for proper usage. Before using SSL I was using request_header_add without any issues and getting perfect performance. Now with SSL I still need to get a header value into the requests to our domain.
I do not wish to bump/inspect all traffic over 443, I only wish to add a header to request to my own domain. Since I am the domain admin I have access to the certs from the CA. I understand how acls work and am not concerned about setting this up.
I would like to know what you all think about using our domains actual certs (www.myhost.com) to bump only that domain and add the header field that I need. Will this allow me to modify the header without the client knowing or their browser telling them about man in the middle? My knowledge of SSL/TLS is low but growing everyday.
Thank you for your attention and please ask more questions if my situation is not clear.'
James
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
