Search squid archive

How to restrict the maximum negotiated version of squid HTTPS to TLS1.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi, this is part of my squid.conf:
https_port 192.168.30.4:3129 intercept ssl-bump connection-auth=off generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/opt/squid/ssl_cert/CA.pem sslflags=NO_DEFAULT_CA 

acl broken_sites ssl::server_name foo.com 
acl ssl_step1 at_step SslBump1

ssl_bump peek ssl_step1
ssl_bump bump broken_sites
ssl_bump splice all

so how to restrict the maximum negotiated version of squid HTTPS to TLS1.2?
I also try configure like this:


https_port 192.168.30.4:3129 intercept ssl-bump connection-auth=off generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/opt/squid/ssl_cert/CA.pem  version=4 


it did not work.

the access.log show TCP/TUNNEL 200
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux