Hello,
How can I control the use of HTTP CONNECT such that it will be allowed
just for SSL traffic?
Is it possible to call an external script on HTTP CONNECT? I intend to
verify if the remote destination is indeed a HTTP/SSL server and it
has a valid certificate.
Thank you,
--
Laurian Gridinoc
>
>
> Hello,
>
> How can I control the use of HTTP CONNECT such that it will be allowed
> just for SSL traffic?
The default squid.conf and any setups derived for it uses
the 'SSL_Ports' acl to only allow CONNECT requests to port 443 through SQUID.
>
> Is it possible to call an external scr
On Wed, 4 Aug 2004 07:46:13 +0200, Elsen Marc <[EMAIL PROTECTED]> wrote:
> > How can I control the use of HTTP CONNECT such that it will be allowed
> > just for SSL traffic?
> The default squid.conf and any setups derived for it uses
> the 'SSL_Ports' acl to only allow CONNECT requests to port 443
On Wed, 4 Aug 2004, Laurian Gridinoc wrote:
> Is it possible to call an external script on HTTP CONNECT? I intend to
> verify if the remote destination is indeed a HTTP/SSL server and it
> has a valid certificate.
See the external acl type.
Regards
Henrik
>
> But this does not say that on the remote 443 port its a HTTP server...
>
Of course and true.
>...
>
> But the user may just click accept on a security warning, also I want
That is the user responsibility and software or enforcement tools
won't be able to change the mind-security-state
On Wed, 4 Aug 2004, Elsen Marc wrote:
> That is the user responsibility and software or enforcement tools
> won't be able to change the mind-security-state of a person.
No, but an enforceable policy combined with tools to try to detect when
people is breaching the policy does..
> As stated 443