First goes first is to restart the client machine to verify that the certificate is installed. If you want a list of "banned" ssl sites you will need to do some research on your clients needs... Nobody can do your work for you without knowing your "thing". The overall slow down is from both sites that are probably trying to encrypt but it's still not something you cannot do without any system policy. If you have a regulation policy on encrypted traffic you will be able to force your clients first and allow later. Eliezer ---- Eliezer Croitoru Linux System Administrator Mobile+WhatsApp: +972-5-28704261 Email: eliezer@xxxxxxxxxxxx -----Original Message----- From: Linda W [mailto:squid-user@xxxxxxxxx] Sent: Sunday, October 2, 2016 10:00 AM To: Eliezer Croitoru Cc: squid-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: --enable-openssl-crtd -- not building openssl-crtd? (3.5.21) Eliezer Croitoru wrote: > Hey Linda, > > If you need some help later we are here for any advice. > Can you say on what OS are you compiling the software? --- opensuse 13.2 I have to see what else is needed (if anything). I already imported the squid-cert into my browser, but not sure if it is bumping anything or not. What I'd like to do is create a list of ssl-"banned" connections where it can store objects from those sessions into the cache under plaintext names so for those sites I can regain squid-caching that is shareable between different sessions. Right now, due to the ssl-junkies (those who want everything encrypted because it hides their streams from user eyes), it seems that many objects that used to be cached, now, can't be cached because they are part of a TUNNEL where individual objects are no longer discernible. I've noticed an overall slowdown of websites due to the slowdown from encrypting & decrypting as well as not being able to cache commonly used items. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
