RE: [squid-users] ssl-bump not working in non transparent mode

[Nil Nik]

Thanks for your reply.

I used following line  its working fine:
http_port 10.10.16.56:3128 ssl-bump intercept generate-host-certificates=on 
dynamic_cert_mem_cache_size=4MB cert=/etc/squid/mycert.pem

But now its showing certificate error for every https website. How we can 
resolve this error?



 Date: Sat, 28 Jun 2014 21:47:48 +0300
 From: elie...@ngtech.co.il
 To: squid-users@squid-cache.org
 Subject: Re: [squid-users] ssl-bump not working in non transparent mode

 Hey Nil,

 Are you aware that you need to use the ssl-bump flags and
 dynamic_cert_mem  etc on the forward regular proxy mode?
 such as:
 http_port 10.10.16.56:3128 ssl-bump ...(all other settings)

 For it to work?

 Eliezer

 On 06/27/2014 03:45 PM, Nil Nik wrote:
 http_port 10.10.16.56:3127 intercept
 http_port 10.10.16.56:3128
 https_port 10.10.16.56:3129 generate-host-certificates=on 
 dynamic_cert_mem_cache_size=4MB cert=/etc/squid/mycert.pem intercept ssl-bump

  

Re: [squid-users] ssl-bump not working in non transparent mode

[Eliezer Croitoru]

Hey Nil,

Are you aware that you need to use the ssl-bump flags and 
dynamic_cert_mem  etc on the forward regular proxy mode?

such as:
http_port 10.10.16.56:3128 ssl-bump ...(all other settings)

For it to work?

Eliezer

On 06/27/2014 03:45 PM, Nil Nik wrote:

http_port 10.10.16.56:3127 intercept
http_port 10.10.16.56:3128
https_port 10.10.16.56:3129 generate-host-certificates=on 
dynamic_cert_mem_cache_size=4MB cert=/etc/squid/mycert.pem intercept ssl-bump