By the help of God
The https interception guide in this link: https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit#squid-configuration-file
is misleading as it uses http_port for ssl-bump and not https_port.
בתאריך יום ה׳, 15 ביוני 2023 ב-16:08 מאת Alex Rousskov <rousskov@xxxxxxxxxxxxxxxxxxxxxxx>:
On 6/15/23 07:31, Ben Goz wrote:
> the tproxy configuration works perfectly using http without ssl,
> But using ssl I'm getting in browser ssl error "ERR_SSL_PROTOCOL_ERROR"
> http_port 0.0.0.0:3130 tproxy ...
This http_port is for plain text HTTP interception. The configuration
needs an https_port (note the "s") dedicated to TLS interception instead.
> TPROXY tcp -- anywhere anywhere tcp
> dpt:https TPROXY redirect 0.0.0.0:3130 mark 0x1/0x1
The above rule should redirect traffic to that https_port.
HTH,
Alex.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
