
Re: SSLBump non-HTTPs connections


 



On 2/06/2016 6:33 p.m., Peter Viskup wrote:
> Hello all,
> just wondering whether it is possible to perform SSLBump/SSLSplit for
> non-HTTPs connections. At the moment we are interested in FTPs.

Only protocols supported for regular proxying by Squid can be
SSL-Bumped. There is no point in doing it for a protocol that will just
get a TCP RST.

FTP is in a grey area since Squid now supports relaying it. But AFAIK we
only support regular un-encrypted FTP. I might be wrong though so you
could give it a go.


> We are running Squid 3.4.2 version.
> 

If you are going to MITM the TLS layer use the latest Squid version and
keep up to date. TLS is undergoing an arms race and older versions don't
work reliably for very long. Changes appear to have slowed a bit
recently, but still the oldest fully/properly working version is the
current 3.5.19.

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users



