I guess, there is no easy solution for this job. The more difficult tasks is also mobile clients. In my case, I use just a bit simple JS-trick solution found on serverfault once upon a time. It is point-and-click based, but not works for each and every browser. Just for Chrome-based/Firefox and MS Edge (with some difficults). Also, don't forget about such thing like JRE. Sometimes it also requires to install cache root CA. And, such thing as Thunderbird - it does not share certificate store with FF. 12.03.2018 15:40, Nicolas Kovacs пишет: > Hi, > > I have a few prospective clients who want/need to log and monitor all > their web traffic and asked me to find a viable solution for this. > > After a couple of weeks of fiddling, I decided to opt for the > Squid+SquidAnalyzer setup, which works quite well. I have a sandbox > installation here in my office that already works quite satisfyingly. > > While working out the solution (thanks again to you guys, you know who > you are), I took some extensive notes on my technical blog: > > * https://blog.microlinux.fr/squid-centos/ > > * https://blog.microlinux.fr/squid-https-centos/ > > * https://blog.microlinux.fr/squidanalyzer-centos/ > > * https://blog.microlinux.fr/squid-exceptions/ > > I have yet one problem to tackle, and I already have a solution in mind. > Though I thought I'd rather ask here first, since this is a bit new to > me, and you guys have much more experience. > > Most of my clients are small businesses with up to a few dozen client > PCs, and also wireless access. > > The problem I'm currently facing is: how to provide an easy installation > of Squid's root certificate? During my tests, I wrote some short > instructions for my Linux clients with Firefox, Chrome and Konqueror: > > https://blog.microlinux.fr/squid-https-centos/#navigateurs > > Here's what I intend to do. Configure a local web page > http://proxy.company.lan where clients can download the certificate file > proxy.company.lan.der. This page also contains quick & dirty > instructions on how to install the certificate on the most popular > browsers/platforms (Chrome, Firefox, Safari, Internet Explorer). > > Each company will also have a printed document, explaining how to access > the Internet. Something like this: > > 1. Open http://proxy.company.lan in your browser. > > 2. Download the proxy.company.lan.der certificate file. > > 3. Follow instructions to import this file into your browser. > > 4. Browse the web normally. > > Before doing that, I thought I'd inquire how you guys go about that. As > a long-time Slackware user I've always been a fan of the KISS principle > (Keep It Simple Stupid), so I try to have a no-nonsense approach. > > Any suggestions? > > Cheers from the sunny South of France, > > Niki > -- "C++ seems like a language suitable for firing other people's legs." ***************************** * C++20 : Bug to the future * *****************************
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
