On 9/27/20 12:07 PM, sec wrote: > http_port 3128 ssl-bump ... > curl http://google.com -x https://admin:squid@localhost:3128 -v -k The above two lines do not match AFAICT: You tell curl to use an HTTPS proxy, but you tell Squid to expect plain HTTP proxy requests. Also, please note that if you fix the above problem by moving "https" from "-x" to the origin server URL, then you will probably face another problem: curl https://google.com -x http://admin:squid@localhost:3128 -v -k > ssl_bump allow all > cache_peer 127.0.0.1 parent 3129 0 ssl Squid does not (yet) support "TLS inside TLS": Talking TLS with the origin server through a cache_peer that also expects a TLS connection. HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
