Hi, thank you for replying to me. Really appreciated!

I modified the squid conf file to:

http_port 2128 ssl-bump cert=/etc/squid/ssl_cert/example.com.cert \
    key=/etc/squid/ssl_cert/example.com.private \
    generate-host-certificates=on \
    dynamic_cert_mem_cache_size=4MB
https_port 3130 cert=/etc/squid/ssl_cert/example.com.cert \
    key=/etc/squid/ssl_cert/example.com.private

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic children 5 startup=0 idle=1
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
acl ncsa_users proxy_auth REQUIRED

acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all

http_access deny !ncsa_users
http_access allow ncsa_users

And it's working for http_port. I put the cert into /etc/pki/trust-ca/source/anchor, and ran an update-ca-trust command. And both the aws cli and the curl command work now.

I am still not sure why https_port doesn't work. The previous setting worked with curl but not the aws cli, not sure why it fails during the TLS handshake.

Thank you