Search squid archive

SSL bump not working w/some sites.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I have the SSL bump feature setup and so far have been happy with
it, but today, I got an error from a website, saying they detect my
ability to monitor my webtraffic and refuse to allow it:

The following error was encountered while trying to retrieve the URL: https://consumercomplaints.fcc.gov/hc/en-us

   Failed to establish a secure connection to 192.161.147.1

The system returned:

   (71) Protocol error (TLS code: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN)

Self-signed SSL Certificate in chain: /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2

This proxy and the remote host failed to negotiate a mutually acceptable security settings for handling your request. It is possible that the remote host does not support secure connections, or the proxy is not satisfied with the host security credentials.

Your cache administrator is webmaster.
-------

How are they detecting and how can I disable their ability to detect
my local setup?
If they can detect SSLbumping, so can every other
site using HTTPS, which will eventually lead to ALL sites checking the
connection settings for some "purported" reason of "protecting me"...

Thanks for any good workarounds...





_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux