On 5/01/2016 10:32 a.m., George Hollingshead wrote:
> Sorry I'm a newb with dumb questions first of all :)
>
> I'm only interested in using bump so I can see https visited so I can block
> as needed.

Okay. A little more detail is needed to clarify what exactly you needed
access to.

TLS often provides SNI values that equate roughly to the domain name
being visited. No decrypt is needed to make use of that, peek then
splice actions can work fine inspecting the traffic without any decrypt
related problems.

Bump (decrypt) is only needed if specific HTTP message values (method,
version, headers and URL path) are needed by the ACLs.

>
> I am using latest 3.5.12 and was told I can use ssl bumping and have a wiki
> link to show me how.
>
> only problem on the wiki is that it says I have to install certificates on
> each client machine which is a problem. This proxy will mostly be used for
> smart phones on the wifi network.

That is for bumping to work without showing the user/client any TLS/SSL
warnings.

If you only need splicing those warnings are rare (but can still happen
when splice is not possible) - it is your choice whether to use the
client CA install and avoid them entirely, or cope with the warnings.

>
> Is there a method I can use to see https sites visited without having to
> install trust certificates on every device?

"sites" (as in domains) yes. URLs no.

>
> if there is, I would be eternally grateful and a basic config example of
> what I need in squid.conf.
>

The section titled "Peek and SNI and bump" on
<http://wiki.squid-cache.org/Features/SslPeekAndSplice> but without the
"ssl_bump bump" line sounds like what you need for the ssl_bump rules.

The http(s)_port rules remain the same.

Amos