On 18.09.2015 22:29, Alex Rousskov wrote:
acl nobumpSites ssl::server_name "/etc/squid3/allowed_SSL_sites.txt"
ssl_bump peek step1
ssl_bump splice step2 nobumpSites
ssl_bump bump all
I do not see the reason for the "step2" ACL in the above. Do you?
it should be either "ssl_bump splice
Hi guys,
I'm still confused about peek and stare. Correct me please if I'm wrong.
1. the only way to by absolutely sure what is transmitted over a SSL
tunnel is bumping the connection - there is no other possibility.
2. some important websites shouldn't be bumped - like banking or payment
Hello, I'm kinda confused about the "Peek and Splice" technique
introduced in Squid 3.5.x.
--
My goal is to allow CONNECT-method ONLY to certain web-pages (mainly
banks, payment systems). The rest of https-sites should be allways bumped.
-
And this can