Hi All,In my company, the HR uses an outsourced SaaS (on a unique public
IP) configured with a commercial SSL certificate (i.e. I have both the
private and the public key) accessed by our employees via a subdomain of our
company domain (saas.company.com) . Unfortunately, we cannot control the
data being transferred by the HR people and because of the GDPR the board wants
to be able to get alerts if anyone tries to transfer personal data to the cloud
+ a general channel to check against any data exfiltration.My idea is to
set to route all traffic going to sass.company.com via a box running
Squid with SSL interception. I would like to install the same cert as the one
used with the SaaS. This is to avoid the need of installing any additional
certs on use's' machines. Unfortunately, I cannot find an option to set Squid
with a single commercial cert instead of a CA (commonly used to intercept
generate individual certs for all of the SSL traffic).Does anybody have any
suggestions on the viable setup?Best wishes,Kristin
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
