Many thanks, ASAP i will try.
V
2016-03-21 20:01 GMT+01:00 Jason Haar :
> It's really not much more than what I first posted (I can't send my config
> - it's pretty specific to our site - you'll have to figure out the standard
> stuff yourself)
>
> So this will make a
It's really not much more than what I first posted (I can't send my config
- it's pretty specific to our site - you'll have to figure out the standard
stuff yourself)
So this will make a squid-3.5 server capable of doing "transparent HTTPS"
without any fiddling with the transactions. Of course it
Hi all,
great, i'm just searching for this. Jason can you kindly post the whole
squid.conf?
Thanks
V
2016-03-20 22:29 GMT+01:00 Jason Haar :
> Hi there
>
> I'm wanting to use tls intercept to just log (well OK, and potentially
> block) HTTPS sites based on hostnames (from
Yeah I know that, but there are issues with invoking peek: like the host
forgery checks suddenly kick in, and squid starts seeing SSL errors
(probably due to CentOS6 not supporting the newest standards that Chrome
uses) and then squid starts blocking things. That's why I'm sticking to
this
On 21/03/2016 10:29 a.m., Jason Haar wrote:
> Hi there
>
> I'm wanting to use tls intercept to just log (well OK, and potentially
> block) HTTPS sites based on hostnames (from SNI), but have had problems
> even in peek-and-splice mode. So I'm willing to compromise and instead just
> intercept
Hi there
I'm wanting to use tls intercept to just log (well OK, and potentially
block) HTTPS sites based on hostnames (from SNI), but have had problems
even in peek-and-splice mode. So I'm willing to compromise and instead just
intercept that traffic, log it, block on IP addresses if need be, and