On 2/03/2016 9:48 a.m., Baselsayeh wrote: > Yuri Voinov wrote > Aha, I'm stupid. > > Squid can't re-crypted peer connections. You need to splice peered > URL's before tunnel it into your peer. > > 28.02.16 2:07, Baselsayeh пишет: >>>> No >>>> What I need i need is >>>> Get ssl info from browser - squid - upstream proxy - internet >>>> Using cache_peer >>>> With ssl_bump >>>> But for some reason the upstream proxy wont get the https requests >>>> All I want is https -> sslbump -> upstream proxy via CONNECT request >>>> >>>> >> >> >> 0x613DEC46.asc (2K) >> <http://squid-web-proxy-cache.1019090.n4.nabble.com/attachment/4676286/0/0x613DEC46.asc> > > the parent proxy dont support anything but a plain Connect method http and > (s) > > is it possible in squid? > > config example? > Squid can: A) relay CONNECT message from client to any upstream proxy. B) generate CONNECT message on arriving intercepted HTTPS and relay that to upstream proxy *IF* (and only if) ssl_bump selects the 'splice' action. C) relay https:// URLs to an upstream TLS proxy. That is all at present. Squid cannot (yet) generate CONNECT messages to try and fetch TLS details via a non-TLS cache_peer. If you are able to sponsor that enhancement work patches are welcome, or sponsorship $$ to help pay persons working on these things (Christos / measurement-factory) are also welcome. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
