| Dear Amos & eliezer
all i need right now is just having it work , since I’m not interested in caching and i can accept the low security affect .
can i keep on squid 3.5 and do the idea of eliezer that is “"bypassing squid SSL unwrapping.”” ??
thank you
On 21/06/2016 9:43 a.m., --Ahmad-- wrote: Hi ,
i have squid that is working on 3.5 .
traffic of t 80 and 443 traffic to Squid via IPTables.
Squid then passes traffic to ClamAV via C-ICAP. Squid is configured to intercept all SSL traffic and PKI has been setup and distributed to all clients.
we have a problem in Skype of Business (Office 365) and Slack (Chat app) seems its broken from squid intercept.
* Skype uses a protocol which appears very much ike TLS/SSL. But is not. So it usually breaks when treated as TLS. * Office 365 uses a non-HTTP protocol (RTP, RPC) inside its TLS. So Squid cannot SSL-Bump it. * I imagine that Slack probably does not use HTTPS as well, but some other chat protocol. For all of the above you will probably need the on_unsupported_protocol feature in Squid-4. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxxhttp://lists.squid-cache.org/listinfo/squid-users
|
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
