On 01/22/2018 11:01 AM, Gopi Joshi wrote: > I have installed Squid 3.5 on REdHat and configured it in transparent > mode using WCCP. On 4500 switch we are redirecting Port 80 and 443 , i > am not able to see SSL websites in access.logs , it shows only IP > address.also we are not able to webchain SSL websites based on URL , > ssl_bump none all > is there a way for squid to see URL / Domain information for SSL Sites > without decrypting ? URLs -- no. Domains -- yes, in most cases. Most SSL clients should send a TLS SNI extension that contains some variation of the intended domain name. To get access to SNI, you should tell your Squid to peek at the SSL client handshake: ssl_bump peek step1 ssl_bump splice all If you also want to know the site certificate details, then you would need to peek at the server handshake as well: ssl_bump peek all ssl_bump splice all N.B. Please note that I do not know what "webchain websites" means. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
