Hello.
I've got the following config:
...
http_port 8080 ssl-bump cert=/usr/local/etc/squid/proxyCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
https_port 3129 intercept ssl-bump cert=/usr/local/etc/squid/proxyCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
...
acl step1 at_step SslBump1
ssl_bump splice !bumphosts
ssl_bump splice splicedom
ssl_bump peek step1
ssl_bump bump all
...
So I've got port 8080 where proxy-aware client connect and 3129, which
is feeded intercepted https connection by ipfw.
Problem is: if a client connects explicitly via proxy (port 8080) it
gets SSLBumped; if a client simply connects to its destination https
port (so directed to 3129) it is tunneled.
Anything wrong in my config?
I think it worked in the past: has anything changed in this regard with
Squid 6?
bye & Thanks
av.
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.squid-cache.org/listinfo/squid-users
