Search squid archive

Re: (SQUID 4.11) SSl_bump Fails on IOS and Android devices

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/05/20 8:26 am, Allan Raymond Ignacio wrote:
> I have compiled and installed SQUID_4.11-3 with SSL, CRTD on debian10
> and here is my configuration - 
> 
> 
...
> 
> ### I can browse https on laptops BUT when I used IOS devices or
> android, I get errors with this -
> 
> 
> 1589083941.053      1 192.168.10.15 NONE_ABORTED/200 0 CONNECT
> 157.240.18.35:443 <http://157.240.18.35:443> - HIER_NONE/- -
> 

The client is disconnecting during the TLS handshake. Worth looking into
the TLS traffic to see what is going on, but expect good chances that
cert pinning or TLS/1.3 is being used here.


> 
> If anyone can point to me what's wrong with my squid.conf configuration
> or can provide me with a working squid.conf for ssl_bump, I will be
> indebted to you. 
> 

Looks like a reasonable config to me.

An always-working config is not possible at this time. TLS is still a
volatile environment and the SSL-Bump features constantly undergoing
improvements. Which some of its behaviours are gaining stability, the
SSL-Bump feature overall is still experimental.

Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux