Re: squid4 with sslbump not logged server side cert_subject and cert_issuer


On 16/02/18 01:44, Peter Viskup wrote:
> Running squid version 4.0.23 with logformat including
> 
> SSLBumpMode=%ssl::bump_mode SSLSNI="%ssl::>sni"
> SSLClientProto="%ssl::>negotiated_version"
> SSLServerProto="%ssl::<negotiated_version"
> SSLBumpClientCipher="%ssl::>negotiated_cipher"
> SSLBumpServerCipher="%ssl::<negotiated_cipher"
> SSLBumpSubject="%ssl::<cert_subject"
> SSLBumpIssuer="%ssl::<cert_issuer"
> 
> and ssl_bump configured simply with
> 
> ssl_bump bump all
> http_access allow all
> 
> the messages are still logged with dashes for Subject and Issuer values
> 
> SSLBumpMode=bump SSLSNI="www.google.sk" SSLClientProto="TLS/1.0"
> SSLServerProto="TLS/1.2" SSLBumpClientCipher="ECDHE-RSA-AES256-SHA"
> SSLBumpServerCipher="ECDHE-RSA-AES128-GCM-SHA256" SSLBumpSubject="-"
> SSLBumpIssuer="-"
> 
> Am I doing something wrong or did I overlook something?
> 

Was there actually a server involved?

You told Squid to "bump all" which, by itself, means bump immediately
after client Hello arrives. So there is no server cert to get details
from until after bumping finishes and the first HTTPS request is
processed - triggering server contact to pass it upstream (unless that
is a HIT).

Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
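
Added example, not part of the original thread or of Squid itself: a small Python triage script for access.log lines written with the logformat quoted above, which separates entries logged with no server-side TLS details from entries that carry a server handshake but empty certificate fields. The label names and function names are assumptions of this example; the first sample line is the one from the post, the other two are constructed.

```python
import re
from collections import Counter

# KEY=value or KEY="quoted value", as written by the logformat quoted in this thread.
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
SERVER_HANDSHAKE = ("SSLServerProto", "SSLBumpServerCipher")
SERVER_CERT = ("SSLBumpSubject", "SSLBumpIssuer")

def parse_line(line):
    """Return the KEY=value pairs of one access.log line as a dict."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in FIELD_RE.finditer(line)}

def present(fields, keys):
    """True if every named field holds a value other than Squid's '-' placeholder."""
    return all(fields.get(k, "-") not in ("", "-") for k in keys)

def classify(line):
    """Label a line by the server-side TLS details available when it was logged."""
    fields = parse_line(line)
    if present(fields, SERVER_CERT):
        return "server-cert-logged"
    if present(fields, SERVER_HANDSHAKE):
        return "server-handshake-without-cert-fields"
    return "no-server-side-details"

def summarize(lines):
    """Count lines per label so the share of entries with empty cert fields is visible."""
    return Counter(classify(line) for line in lines)

# First entry: the log line from the post, re-joined. The other two are constructed.
SAMPLE = [
    'SSLBumpMode=bump SSLSNI="www.google.sk" SSLClientProto="TLS/1.0" '
    'SSLServerProto="TLS/1.2" SSLBumpClientCipher="ECDHE-RSA-AES256-SHA" '
    'SSLBumpServerCipher="ECDHE-RSA-AES128-GCM-SHA256" SSLBumpSubject="-" '
    'SSLBumpIssuer="-"',
    'SSLBumpMode=bump SSLSNI="example.test" SSLClientProto="TLS/1.2" '
    'SSLServerProto="-" SSLBumpClientCipher="ECDHE-RSA-AES128-GCM-SHA256" '
    'SSLBumpServerCipher="-" SSLBumpSubject="-" SSLBumpIssuer="-"',
    'SSLBumpMode=bump SSLSNI="example.test" SSLClientProto="TLS/1.2" '
    'SSLServerProto="TLS/1.2" SSLBumpClientCipher="ECDHE-RSA-AES128-GCM-SHA256" '
    'SSLBumpServerCipher="ECDHE-RSA-AES128-GCM-SHA256" '
    'SSLBumpSubject="/CN=example.test" SSLBumpIssuer="/CN=Example Test CA"',
]

if __name__ == "__main__":
    for label, count in summarize(SAMPLE).items():
        print(label, count)
```
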



