On 4/27/21 1:33 PM, Justin Cook wrote: > We are running into a situation where we are unable to fully > authenticate our users to an internal tooling service that requires > certificate authentication as part of its login process, when going > through squid forward proxy with SSL bump enabled. SslBump does not support "TLS inside TLS" configurations, which is what you get when you combine certificate-based proxy authentication (which requires an https_port working in a forward proxy mode) with SslBump (which, for an https_port, currently requires an interception proxy mode). It is possible to add support for "TLS inside TLS", but it requires a serious development effort. https://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F HTH, Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
