Hi, It's unclear to me if I can use TPROXY for HTTPS traffic. If I divert traffic and use tproxy in the Linux kernel and then set this in squid: https_port 3130 tproxy ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=16MB cert=/etc/ssl/squid/proxyserver.pem it seems to be working fine, just as if I were to REDIRECT https traffic and then use this in Squid: https_port 3130 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=16MB cert=/etc/ssl/squid/proxyserver.pem So, does anyone know if it's not recommended / not supported to use tproxy with https traffic? I'm asking because I don't see any issues with tproxy, with the added advantage of being able to route on the gateway per source IP addr. (in intercepted mode, the source is always Squid). Are there any reasons for which one would not use TPROXY with HTTPS? Vieri _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
