This works for me with Squid 3.5.4. Hope it helps.
Stanhttp_access allow localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnetgreen
http_access allow CONNECT localnetgreen
http_access allow localhostgreen
http_access allow CONNECT localhostgreen
# http_port and https_port
#----------------------------------------------------------------------------
http_port 192.168.192.1:800 intercept
https_port 192.168.192.1:808 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/var/smoothwall/mods/proxy/ssl_cert/squidCA.pem
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnetgreen
http_access allow CONNECT localnetgreen
http_access allow localhostgreen
http_access allow CONNECT localhostgreen
# http_port and https_port
#----------------------------------------------------------------------------
http_port 192.168.192.1:800 intercept
https_port 192.168.192.1:808 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/var/smoothwall/mods/proxy/ssl_cert/squidCA.pem
# localhost forward-proxy port needed for ssl_bump
http_port 127.0.0.1:800 intercept
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_session_cache_size 4 MB
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
sslproxy_session_cache_size 4 MB
# Do not bump local networks
ssl_bump none localhostgreen
ssl_bump bump all
sslcrtd_program /var/smoothwall/mods/proxy/libexec/ssl_crtd -s /var/smoothwall/mods/proxy/lib/ssl_db -M 4MB
sslcrtd_children 5
http_access deny all
ssl_bump bump all
sslcrtd_program /var/smoothwall/mods/proxy/libexec/ssl_crtd -s /var/smoothwall/mods/proxy/lib/ssl_db -M 4MB
sslcrtd_children 5
http_access deny all
On Fri, May 22, 2015 at 11:26 AM, Tony Peña <emperor.cu@xxxxxxxxx> wrote:
Hi... i tired to research about squid with ssl_bump with many guides.compiling from 3.48 to 3.5.4 and with squid.conf ok but not work for me.someone can share please a squid.conf with your ssl_bump snipped working actually...every manual/guide i found are with very older version, ad the suggest way is upgrade to last version.. but still stuck.i'm continue searching on the google with many variables to try got solution and now starting found my own emails on the list about this topic.i really appretiated the help.thanks in advance.--Antonio Peña
Secure email with PGP 0x8B021001 available at https://pgp.mit.edu
Fingerprint: 74E6 2974 B090 366D CE71 7BB2 6476 FA09 8B02 1001
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
