Search squid archive

Re: ssl + stunnel and cache peer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



And note that i need ssl bumping not splicing


Baselsayeh wrote
> hello
> im trying to get squid + stunnel working
> my setup is
> 
> my pc with squid(as stunnel client) -----> stunnel and proxy(normal non
> https)
> squid should be bumping the connection
> 
> my config:
> 
> https_port 3429 intercept ssl-bump generate-host-certificates=on
> dynamic_cert_mem_cache_size=200MB cert=/tmp/rootpem.pem key=/rootkey.key
> ssl_bump stare step1 all
> ssl_bump bump all
> sslcrtd_program /lib/squid/ssl_crtd -s /var/cache/squid/ssl_db/ -M 200MB
> #editback
> sslcrtd_children 3 startup=1 idle=1
> 
> sslproxy_flags DONT_VERIFY_PEER
> sslproxy_cert_error allow all
> cache_peer 192.168.10.101 parent 1238 0 no-query no-digest ssl
> sslcert=/home/basel/stunnel.pem sslflags=DONT_VERIFY_PEER
> never_direct deny step1 step2
> never_direct allow all
> 
> if ive connecting to http host then its fine but
> ive got these errors:
> 1-squid isnt replacing the cert with the one in https_port
> 2-i cant surf any https site





--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ssl-stunnel-and-cache-peer-tp4676844p4676845.html
Sent from the Squid - Users mailing list archive at Nabble.com.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux