I guess better way to do this is create special ACL to catch exactly certificate error and then redirect by 302 using deny_info to proxy page with explanation and certificate. Sadly, however I have no full solution for this logic (we're simple install proxy certificate manually), but idea exists ;) 16.03.2018 16:37, Nicolas Kovacs пишет: > Hi, > > I have Squid + SquidGuard + SquidAnalyzer running on my LAN server as a > transparent cache + filtering proxy, and it's working real nicely. > > When a client in my company wants to connect to the wifi, all he or she > has to do is this: > > 1. Connect to http://nestor.microlinux.lan > > 2. Download the nestor.microlinux.lan.der certificate > > 3. Install the certificate in the web browser (Firefox does it > automatically) > > 4. Surf the web > > Now I wonder if there is a way to configure this page as a "proxy home > page" of some sorts. User who don't have the certificate installed > normally get a big fat HTTPS error as soon as they connect to a secure > site. So what I'd like to do is redirect "new" traffic to > http://nestor.microlinux.lan, which also explains what is happening. > > I don't really know how to go about that, or if it is even possible. > Maybe some basic form of authentication ? > > Any suggestion ? > > Cheers, > > Niki -- "C++ seems like a language suitable for firing other people's legs." ***************************** * C++20 : Bug to the future * *****************************
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
