On 05/22/2017 08:14 AM, yuriang wrote: > It is possible to use SSL_bump on my squid server 3.5.23, if my parent > cache (cache_peer) does not use ssl_bump (not configured). I do not think it is possible to use SslBump steps 2+ with cache_peers that expect plain HTTP requests. AFAICT, for SslBump to work with a cache peer beyond the first step, the cache_peer line in the child squid.conf has to configure that peer as an TLS origin server. Here are some potentially relevant emails about this missing feature: http://lists.squid-cache.org/pipermail/squid-users/2017-January/014283.html http://lists.squid-cache.org/pipermail/squid-users/2017-January/014287.html http://lists.squid-cache.org/pipermail/squid-users/2017-January/014290.html Please note that this is not about "my parent does not use ssl_bump" specifically but about "I use a cache_peer" in general. Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
