On 20/08/2014 1:12 p.m., Eliezer Croitoru wrote:
I wasn't sure but I am now.
You are doing something wrong and I cannot tell what exactly.
Try to share this script output:
http://www1.ngtech.co.il/squid/basic_data.sh
There are missing parts in the whole setup such as clients IP and server
why are you using unbound for this at all?
Well, we use a geo location service much like a VPN or a proxy.
For transparent proxies, it works fine, squid passes through the SSL
request and back to the client.
For VPN, everything is passed through.
But with unbound, we only want to pass through
On 21/08/2014 8:59 a.m., sq...@proxyplayer.co.uk wrote:
why are you using unbound for this at all?
Well, we use a geo location service much like a VPN or a proxy.
For transparent proxies, it works fine, squid passes through the SSL
request and back to the client.
For VPN, everything is
which one?
It's client -- unbound -- if IP listed in unbound.conf -- forwarded
to proxy -- page or stream returned to client
For others it's client -- unbound -- direct to internet with normal DNS
On 21/08/2014 2:37 p.m., sq...@proxyplayer.co.uk wrote:
which one?
It's client -- unbound -- if IP listed in unbound.conf -- forwarded
to proxy -- page or stream returned to client
For others it's client -- unbound -- direct to internet with normal DNS
Replace forwarded to proxy with IP
Take a look at:
http://wiki.squid-cache.org/EliezerCroitoru/Drafts/SSLBUMP
Your squid.conf seems to be too incomplete to allow SSL-Bump to work.
Eliezer
I recompiled to 3.4.6 and ran everything in your page there.
squid started correctly.
However, it is the same problem. Any https page that
I wasn't sure but I am now.
You are doing something wrong and I cannot tell what exactly.
Try to share this script output:
http://www1.ngtech.co.il/squid/basic_data.sh
There are missing parts in the whole setup such as clients IP and server
IP, what GW are you using etc..
Eliezer
On
You are at least missing https_port and all the sslproxy_* directives
for outgoing HTTPS. Then also you are probably missing the TLS/SSL
certificate security keys, including any DNS entries for IPSEC, DNSSEC,
DANE, HSTS etc.
Ok, so I generated some keys and added the directives.
On restarting
Take a look at:
http://wiki.squid-cache.org/EliezerCroitoru/Drafts/SSLBUMP
Your squid.conf seems to be too incomplete to allow SSL-Bump to work.
Eliezer
On 08/18/2014 02:16 AM, sq...@proxyplayer.co.uk wrote:
Ok, so I generated some keys and added the directives.
On restarting squid it askes
On 8/08/2014 8:55 a.m., sq...@proxyplayer.co.uk wrote:
Current config below:
In my network I have unbound redirecting some sites through the proxy
server and checking authentication, If I redirect www.thisite.com it
works corectly. However, as soon as SSL is used https://www.thissite.com
it
Current config below:
In my network I have unbound redirecting some sites through the proxy
server and checking authentication, If I redirect www.thisite.com it
works corectly. However, as soon as SSL is used https://www.thissite.com
it doesn't resolve at all. Any ideas what I have to do to
On 5/08/2014 1:13 p.m., sq...@proxyplayer.co.uk wrote:
In my network I have unbound redirecting some sites through the proxy
server and checking authentication, If I redirect www.thisite.com it
works corectly. However, as soon as SSL is used https://www.thissite.com
it doesn't resolve at all.
In my network I have unbound redirecting some sites through the proxy
server and checking authentication, If I redirect www.thisite.com it
works corectly. However, as soon as SSL is used
https://www.thissite.com it doesn't resolve at all. Any ideas what I
have to do to enable ssl redirects
In my network I have unbound redirecting some sites through the proxy
server and checking authentication, If I redirect www.thisite.com it
works corectly. However, as soon as SSL is used
https://www.thissite.com it doesn't resolve at all. Any ideas what I
have to do to enable ssl redirects
14 matches
Mail list logo
