Sam <[email protected]> wrote: > Squid can apparently break through https now though, but I have not looked > into it.
It's easy to proxy HTTPS **IFF** you have enough control over the clients. "All you need to do" is create a self signed cert valid for "*" and install that as a root cert on your clients - then the proxy can sign all the pages it serves with HTTPS with that cert and the client will accept it. Of course, the idea of having clients unconditionally accept pages served with a self-signed certificate for "anything" raises "a few security considerations" ! ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
