On 5/11/2016 1:43 a.m., Garri Djavadyan wrote: > The configuration for splice at step 3: > > # diff etc/squid.conf.default etc/squid.conf > 73a74,78 >> https_port 3129 intercept ssl-bump cert=etc/ssl_cert/myCA.pem > generate-host-certificates >> acl StepSplice at_step SslBump3 >> ssl_bump splice StepSplice >> ssl_bump peek all >> logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un > %Sh/%<a %mt %ssl::>sni > > > The result: > 1478256303.420 574 172.16.0.21 TCP_TUNNEL/200 6897 CONNECT > 104.124.119.14:443 - ORIGINAL_DST/104.124.119.14 - www.openssl.org > > > Is it a bug or intended behavior? Thanks. > The person (Christos) who designed that behaviour is not reading this mailing list very often. AFAIK, it depends on what the SubjectAltName field in the certificate provided by 104.124.119.14 contains. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
