Search squid archive

Re: Peek'n Splice (ssl_bump) and authentication Somewhat OT: Content Filter with https

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 06/08/2016 07:53 PM, Sergio Belkin wrote:

Thanks Eliezer, good summary. I've changed the subject to reflect better the issue. As far I undestand from documention one can bump https only by interception.

No.  ssl-bump works very well with regular proxy mode, i.e. the browsers configure the address and port of the proxy or use PAC.

But what about if one Windows user login against an Active Directory, will the authenticacion work to use the proxy?

I mean, what I'd want is:

- Only users of an Active Directory can use the proxy

In regular proxy mode, authentication and peek+splice works fine.
Note that peek+splice does not require Squid CA certificates on the clients.

- Block certains urls

Is that possible with squid+ufwdbguard?

ufdbGuard works always, independent if Squid uses interception or not.
The issue is the messages that a browser displays for the end user (see earlier email).

Marcus
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux