Search squid archive

Re: Squid 3.5.2 and Avast free anti-virus

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/03/2015 1:29 a.m., Alan Palmer wrote:
> Squid 3.5.2 intercept mode and Avast free antivirus 2015 on windows 7
> aren't playing well together.  Chrome returns a ca invalid error,
> details reveal
> its the avast web/mail shield cert that its not being trusted.
> Everything works if
> I turn the webshield off, or on a very strange note, works fine on a
> Windows XP
> (I know, old/bad, upgrade blah blah) machine also running avast 2015.  The
> windows XP version does have a difference cert than the windows 7 version
> however.  Avast seems to be doing a sslbump on its own between the client
> and the squid proxy.  Does anyone else have a similar setup working, and
> if so
> whats the magic incantation to make it play nice?


This is roughly what the inter-tubes usually look like:

 browser -> AV ===> router ===> NAT -> Squid ===> Internet


As you can see the browser -> AV link has to be working first before
traffic has a chance of even getting near Squid. So config in Squid is
not going to help there.


You may be able to get the Avast CA cert to be trusted by Chrome.
Otherwise a reasonable backup is to drop the WebShield on-machine and
using ICAP in Squid to pass traffic to an AV scanner instead.

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users





[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux