Search squid archive

Re: How to configure a "proxy home" page ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hey Eliezer,

PC browsers non-required automated installers for CA. In it all simple
do by JS directly from page.

Can you do automated installer for mobile clients? iPhones, Android? For
both - mobile browsers and apps as well?

The problem is not install proxy CA. The problem is identify client has
no proxy CA and redirect, and do it only one time.

Splash is perfect idea, but it will execute too often.

So, require more elegant solution.

25.03.2018 15:29, Eliezer Croitoru пишет:
> Hey Nicolas,
>
> You can use a "splash page" concept which will contain a test page that will try to verify if the client has the root ca certificate installed.
> I have created and published an example at:
> https://github.com/elico/ca-cert-test-page
>
> And a real usage at:
> https://cert.rimon.net.il/
>
> If the client will first try to access an http site it will work but if the client will try https site it will not work but once the client will get pass the error page he will be able to get instructions on how and what to install.
>
> Will it work for your environment?
>
> Eliezer
>
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: eliezer@xxxxxxxxxxxx
>
>
> -----Original Message-----
> From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Nicolas Kovacs
> Sent: Friday, March 16, 2018 12:37
> To: squid-users@xxxxxxxxxxxxxxxxxxxxx
> Subject:  How to configure a "proxy home" page ?
>
> Hi,
>
> I have Squid + SquidGuard + SquidAnalyzer running on my LAN server as a
> transparent cache + filtering proxy, and it's working real nicely.
>
> When a client in my company wants to connect to the wifi, all he or she
> has to do is this:
>
> 1. Connect to http://nestor.microlinux.lan
>
> 2. Download the nestor.microlinux.lan.der certificate
>
> 3. Install the certificate in the web browser (Firefox does it
> automatically)
>
> 4. Surf the web
>
> Now I wonder if there is a way to configure this page as a "proxy home
> page" of some sorts. User who don't have the certificate installed
> normally get a big fat HTTPS error as soon as they connect to a secure
> site. So what I'd like to do is redirect "new" traffic to
> http://nestor.microlinux.lan, which also explains what is happening.
>
> I don't really know how to go about that, or if it is even possible.
> Maybe some basic form of authentication ?
>
> Any suggestion ?
>
> Cheers,
>
> Niki

-- 
"C++ seems like a language suitable for firing other people's legs."

*****************************
* C++20 : Bug to the future *
*****************************


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux