On 6/10/19 12:27 pm, joseph wrote: > dose squid send to cache peer ssl after ssl_bump clear link or ? What is "ssl_bump clear link" ? ssl_bump is used only when TLS bytes are expected from the client. cache_peer is used whenever a server connection is made, except when always_direct prevents it. Squid-4 and older requires the peer to use encrypted connections when the traffic delivered there has been *decrypted* by Squid. So that the security is not compromised. Squid-5 allows CONNECT tunnels to be generated, so can re-encrypt over a non-secure peer. > how ssl work between squid and peer ? do i need keys > The same way TLS/SSL works between any software. Keys being needed, and which type depend on the TLS features used. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
