[pfSense] Squid transparent with SSL interception - CA certificate problem

2018-02-06 Thread Roberto Carna
People, I've setup a transparent Squid proxy for WiFi clients. I'm using SSL interception so I had to generate a CA private certificate (generated from pfSense certificate manager tab). But when I add this CA private certificate to several Android an Iphone devices in order to proxify and filter S

[pfSense] Bug found: Remote Logging Options and IPv6

2018-02-06 Thread Christoph Haas
Dear list, I dare say that I have found a bug in version 2.4.2-RELEASE (amd64). When setting up syslog forwarding in the "Remote Logging Options" I can choose IPv6 as "IP Protocol" but when I save the field switches back to IPv4 and logging fails to the given IPv6 address. Should I report that s

Re: [pfSense] Squid transparent with SSL interception - CA certificate problem

2018-02-06 Thread Alex Threlfall
They may be hard coded to look at only their own CA to prevent MiM attacks, or use their own certificate store (for a similar behaviour). Alex. > -Original Message- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Roberto > Carna > Sent: 06 February 2018 13:32 > To: pfSen

Re: [pfSense] Squid transparent with SSL interception - CA certificate problem

2018-02-06 Thread Roberto Carna
Dear Alex, so there is no solution to the given problem ??? I refer to install a CA private certificate in mobile devices and let them navigate and use applications through a transparent proxy without SSL errors... Regards, 2018-02-06 11:35 GMT-03:00 Alex Threlfall : > They may be hard coded to

Re: [pfSense] Squid transparent with SSL interception - CA certificate problem

2018-02-06 Thread Paul Mather
On Feb 6, 2018, at 10:03 AM, Roberto Carna wrote: > Dear Alex, so there is no solution to the given problem ??? > > I refer to install a CA private certificate in mobile devices and let > them navigate and use applications through a transparent proxy without > SSL errors... It could be that th

Re: [pfSense] Bug found: Remote Logging Options and IPv6

2018-02-06 Thread Steve Yates
There is a bug tracker at https://redmine.pfsense.org/projects/pfsense -- Steve Yates ITS, Inc. -Original Message- From: List [mailto:list-boun...@lists.pfsense.org] On Behalf Of Christoph Haas Sent: Tuesday, February 6, 2018 8:11 AM To: pfSense Support and Discussion Mailing List Subje

Re: [pfSense] Squid transparent with SSL interception - CA certificate problem

2018-02-06 Thread WebDawg
You may just want to switch to inspection. On Tue, Feb 6, 2018 at 10:44 AM, Paul Mather wrote: > On Feb 6, 2018, at 10:03 AM, Roberto Carna wrote: > >> Dear Alex, so there is no solution to the given problem ??? >> >> I refer to install a CA private certificate in mobile devices and let >> them