On 21 April 2016 at 22:04, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
acl no_ssl_interception ssl::server_name "/usr/local/etc/squid/ssl_bump_broken_sites.txt"
On 22/04/2016 6:20 a.m., Odhiambo Washington wrote:
> Hi Alex,
>
> I have now changed to *configurations suggested specifically for your use
> case, on this email thread* :)
>
>
>
> acl no_ssl_interception ssl::server_name
> "/usr/local/etc/squid/ssl_bump_broken_sites.txt"
> ssl_bump splice no_ssl_interception
> ssl_bump stare all
> ssl_bump bump all
>
> Now, suppose, as I think in my mind, bumping isn't really what I need, can
> I just comment out 'ssl_bump bump all' and sit easy or should I switch to
> ssl_bump splice all ??
No the "stare" being done will prevent splice and you will see breakage
or unexpected things again.
You have to replace 'stare' with 'peek' AND replace 'bump' with 'splice'.
Like below???
ssl_bump splice no_ssl_interception
ssl_bump peek all
ssl_bump splice all
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
