On 11/13/2015 02:16 AM, Edouard Gaulué wrote: > I read on http://wiki.squid-cache.org/Features/MimicSslServerCert in the > "Delayed error responses" chapter: > "When Squid fails to negotiate a secure connection with the origin > server and bump-ssl-server-first is enabled, Squid remembers the error > page and serves it after establishing the secure connection with the > client and receiving the first encrypted client request. The error is > served securely. The same approach is used for Squid redirect messages > configured via deny_info." > > My ideas/questions: > 1/ Is there a way to have the same with new peek and splice feature? Yes, SslBump failures should result in delayed errors securely served to SSL clients where possible. This essential SslBump feature is not specific to the old server-first bumping method. If the latest Squid does not do this, it is essentially a bug. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
