Moreover, SSL Bump combines with interception/explicit proxy in one setup. And works perfectly. 13.03.2018 21:14, Marcus Kool пишет: > "SSL bump" is the name of a complex Squid feature. > With ssl_bump ACLs one can decide which domains can be 'spliced' (go > through the proxy untouched) or can be 'bumped' (decrypted). > > Interception is not a requirement for SSL bump. > > Marcus > > On 13/03/18 11:44, Danilo V wrote: >> I mean SSL bump in explicit mode. >> So intercept is a essencial requirement for running SSL bump? >> >> Em ter, 13 de mar de 2018 às 11:10, Matus UHLAR - fantomas >> <uhlar@xxxxxxxxxxx <mailto:uhlar@xxxxxxxxxxx>> escreveu: >> >> On 13.03.18 13:44, Danilo V wrote: >> >Is it possible/feasible to configure squid in explicit mode >> with ssl >> >intercept? >> >> explicit is not intercept, intercept is not explicit. >> >> explicit is where browser is configured (manually or >> automatically via WPAD) >> to use the proxy. >> >> intercept is where network device forcifully redirects http/https >> connections >> to the proxy. >> >> maybe you mean SSL bump in explicit mode? >> >> >Due to architecture of my network it is not possible to implement >> >transparent proxy. >> >> excuse me? >> by "transparent" people mean what we usually call "intercept". >> >> >What would be the behavior of applications that dont support >> proxy - i.e. >> >dont forward requests to proxy? >> >> they mest be intercepted. >> >> -- >> Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx >> <mailto:uhlar@xxxxxxxxxxx> ; http://www.fantomas.sk/ >> Warning: I wish NOT to receive e-mail advertising to this address. >> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. >> Micro$oft random number generator: 0, 0, 0, 4.33e+67, 0, 0, 0... >> _______________________________________________ >> squid-users mailing list >> squid-users@xxxxxxxxxxxxxxxxxxxxx >> <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx> >> http://lists.squid-cache.org/listinfo/squid-users >> >> >> >> _______________________________________________ >> squid-users mailing list >> squid-users@xxxxxxxxxxxxxxxxxxxxx >> http://lists.squid-cache.org/listinfo/squid-users >> > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -- "C++ seems like a language suitable for firing other people's legs." ***************************** * C++20 : Bug to the future * *****************************
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
