Search squid archive

Squid "bumping" traffic despite using "splice" directive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

We're seeing some strange behavior where certain sites, especially those hosted by Google, including youtube.com, where the HTTPS traffic is being "bumped" and users are getting certificate errors with our self-signed certificate and CA appearing in the certificate details.

What is strange is that we have the squid.conf set to either "splice" or "terminate" all HTTPS traffic.  There is NO traffic that is supposed to be bumped at all (because we are not able to load our CA cert on all client machines).

Here is the significant portion of our squid.conf:

acl sslallow ssl::server_name "/path/to/file"
ssl_bump peek all
ssl_bump splice sslallow
ssl_bump terminate all

Most of the sites in acl sslallow work as expected...but some sites come back with a certificate error as described above, suggesting that they were "bumped" using our mimicked certificate.  This behavior also isn't 100% reproducible...sometimes it works as expected, though it usually does not.

Another note:  Seems to happen mainly on mobile browsers and on Chrome browser running on Google Chromebooks.

Is there something I'm missing?  Is there a way to ensure that NO sites are being bumped at all?  (For our deployment, we'd rather terminate than bump if splicing isn't possible).

Thanks,

Tom

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux