Search squid archive

Re: How to setup a secure(!) squid proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

It's a debian. But an ubuntu howto will also work with debian.
Here is the broken link:

I combined this two instructions:
http://wiki.squid-cache.org/Features/SslBump
http://wiki.squid-cache.org/Features/DynamicSslCert

(The latest stable squid on ubuntu is 3.4)


Message: 5
Date: Wed, 13 Jan 2016 23:19:21 +1300
From: Amos Jeffries <squid3@xxxxxxxxxxxxx>
To: squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re: How to setup a secure(!) squid proxy
Message-ID: <569624A9.202@xxxxxxxxxxxxx>
Content-Type: text/plain; charset=utf-8

On 13/01/2016 10:16 p.m., startrekfan wrote:
> Hello
>
> I need to setup a squid 3 proxy with https bumping. Unfortunately I'm not
> very familiar with squid and https in general.
>
> I already perfomed the following steps:
>
> *1.) compile from source*
> ./configure --with-openssl   --enable-ssl-crtd
> make
> make install

You now have Squid pieces installed in the BSD default locations.

>
> *2.) configuration (http)*
> I used this guide: https://help.ubuntu.com/community/Squid
>

Is this an Ubuntu system? if not the Ubuntu advice will be wrong.

At the very least the advice to start installing Squid with "apt-get
install apache2" is wrong.



> *3.) configuration (https)*
> I used this guide: http://wiki.squid-cache.org/ConfigExamp ... mpExplicit

huh? what URL was that supposed to be?

>
> The server is now working for http and https, but is the server secure, too?
>
> Is the default config already secure or do I need to configure additional
> security features? (e.g. things like cert validation, cert pinning, [dont
> know what's importend], ...)
>

The default squid.conf perfoms HTTP securely. Without HTTPS. What your
config does nobody can say without seeing what it is.

Amos



------------------------------

Subject: Digest Footer

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users


------------------------------

End of squid-users Digest, Vol 17, Issue 43
*******************************************
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux