Re: [squid-users] SSL bump working on most site...cert pinning issue?

, at 10:38 pm, James Lay j...@slave-tothe-box.net wrote: Topic pretty much says it...most sites work fine using my below set up, but some (Apple's app store) do not. I'm wondering if cert pinning is the issue? Since this set up is basically two separate sessions, I packet captured both

Re: [squid-users] problem with filedescriptors after reboot

On 2014-06-20 09:10, ama...@tin.it wrote: I had configured /etc/security/limits.conf squid softnofile 16384 squid hardnofile 16384 rootsoftnofile 16384 roothardnofile 16384 but to resolve the problem I have to add into /et/init.d/squid #set fildedescriptor set

[squid-users] [Fwd: ssl-bump and tunneling]

From the docs: # none # Become a TCP tunnel without decoding the connection. # Works with both CONNECT requests and intercepted SSL # connections. This is the default behavior when no # ssl_bump option is given or no ssl_bump ACLs

Re: [squid-users] [Fwd: ssl-bump and tunneling]

for these domains IPs or something else which is creative enough for it to work. Eliezer On 04/26/2014 06:29 PM, James Lay wrote: acl broken_sites dstdomain .textnow.me acl broken_sites dstdomain .akamaiedge.net acl broken_sites dstdomain .akamaihd.net acl broken_sites dstdomain .apple.com Well

[squid-users] generate-host-certficates

From the squid.conf.documented: # SSL Bump Mode Options: # In addition to these options ssl-bump requires TLS/SSL options. # # generate-host-certificates[=on|off] # Dynamically create SSL server certificates for the #

<    1   2