-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You only have external helper (which is must wrote yourself) in 3.4.x. Works with domains in ssl bump fully available at least 3.5.x 12.03.15 21:01, Mukul Gandhi пишет: > I am running squid 3.4.8 and am looking for solutions to ssl_bump > for specific domains only. Going through the archives it is clear > that it is not possible unless the reverse DNS points back to the > domain that is to be ssl bumped. > > So then what is the solution to this problem. I just want to create > a SSL whitelist of domains that are to be bumped and the rest > should be tunneled through. What I have is - > > ssl_bump none localhost acl ssl_whitelist dstdomain > "/tmp/ssl_whitelist.txt" ssl_bump server-first ssl_whitelist > > The file /tmp/ssl_whitelist.txt contains - > > .facebook.com .twitter.com .pintrest.com > > Of course, this doesn't work because the ip address for these > websites points back to <something>.akamaitechnologies.com. > > All I want is to be able to decrypt just the traffic to these > three web-sites, the rest should go through encrypted. But I > couldn't find a solution for this anywhere in the archives. I did > see some mention of using SslBump1/2/3 but it wasn't clear if this > was the silver bullet. Also I would have to upgrade to 3.5 to use > these new directives. > > Any idea how I can achieve this in 3.4.8 (if possible)? Or if I a > solution exists for this in 3.5? > > Thanks, -Mukul > > > > _______________________________________________ squid-users mailing > list squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJVAar2AAoJENNXIZxhPexGm5MH/0JUWgIjDrNb8+a0b66iyY+x uWgoNnGqBKL/gzQt3AmKv3P31/3Vc8wCpMlSd3HpOSeyOtJ4pYAqI3kw1o91kkEK YJ1wGc4FN+8sxUplA9+Kz/XDxpxTFAvS4/9d5AUOmxCoi2PmIhThozl8X8fIMdv/ 7shy+Ce9kKj/ozSievVaePxdH+OUd0fmdKtDrv1aenxQpclaZSkuwEflQ3idTYBu zTpNP3AvEP4+32yb2W+mP4p1JgHwUAi60hEz3kP9pxd+Ym2kuZeFDF5ZV2x2/cKQ iRpmS++2kOt0nIT074PhV8dzPfD1lZt7atQT+mBJhLvzlD5Sxvxqll7Z/dpQSSI= =P+8j -----END PGP SIGNATURE----- _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
