> -Original Message-
> From: Amos Jeffries [mailto:squ...@treenet.co.nz]
> Sent: Wednesday, November 20, 2013 1:59 PM
> To: squid-users@squid-cache.org
> Subject: Re: [squid-users] intercepting SSL connections with client
certificate
>
> On 20/11/2013 8:02 p.m., Shi
On 20/11/2013 8:02 p.m., Shinoj Gangadharan wrote:
>>> 1. sslbump is not passing on the client cert - I think this will be
>>> fixed with SSLPeekandSplice feature
>>> (http://wiki.squid-cache.org/Features/SslPeekAndSplice)
>>
>> I do not think this can be "fixed". IIRC, Squid cannot forward the
> c
> > 1. sslbump is not passing on the client cert - I think this will be
> > fixed with SSLPeekandSplice feature
> > (http://wiki.squid-cache.org/Features/SslPeekAndSplice)
>
> I do not think this can be "fixed". IIRC, Squid cannot forward the
client
> certificate to the server on a bumped connectio
On 11/19/2013 06:39 AM, Shinoj Gangadharan wrote:
> 1. sslbump is not passing on the client cert - I think this will be fixed
> with SSLPeekandSplice feature
> (http://wiki.squid-cache.org/Features/SslPeekAndSplice)
I do not think this can be "fixed". IIRC, Squid cannot forward the
client certifi
s. I will be intercepting SSL only for a week or so till the issue is
> resolved.
>
> Regards,
> Shinoj.
>
> -Original Message-
>
> From: Eliezer Croitoru [mailto:elie...@ngtech.co.il]
> Sent: Tuesday, November 19, 2013 8:01 PM
> To: squid-users@squid-cache.org
>
19, 2013 8:01 PM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] intercepting SSL connections with client
certificate
Hey Shinoj,
Your problem is not your own.
The main issue with SSL is even intercepting it.
I would not just say it on the law side of the matter.
One of the issues is
Hey Shinoj,
Your problem is not your own.
The main issue with SSL is even intercepting it.
I would not just say it on the law side of the matter.
One of the issues is that SSL should be and end-to-end connection.
In infrastructure that a SSL encryption is enabled the SSL end point in
many cases
3:44 PM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] intercepting SSL connections with client
certificate
On 19/11/2013 12:42 a.m., Shinoj Gangadharan wrote:
> Hi,
>
> I am able to intercept normal SSL connections using ssl_bump. How can
> I pass on the client certificate
On 19/11/2013 12:42 a.m., Shinoj Gangadharan wrote:
> Hi,
>
> I am able to intercept normal SSL connections using ssl_bump. How can I
> pass on the client certificate to the server? I tried using cache_peer but
> could not get it to work. Here is the conf :
>
> acl myacl dstdomain myssldomain.com
Hi,
I am able to intercept normal SSL connections using ssl_bump. How can I
pass on the client certificate to the server? I tried using cache_peer but
could not get it to work. Here is the conf :
acl myacl dstdomain myssldomain.com
cache_peer ssl.myssldomain.com parent 443 0 no-query proxy-only
10 matches
Mail list logo
