Hello, Thank you for your prompt and precise answer.
Well I'm permit myself another question, sorry. If you have an opinion about securing the authentification without https_port : With a FreeIPA central users directory, what could be the best way to secure/protect the authentication process, the login/password. Or more generally what could be the best options to secure the login/password with only the http_port. So no directly encrypted traffic. I was assuming https connection could secure the authentication process .. but if ssl-dump is really wanted, so I need another options to secure the login/password. Did you see my point / what I'm trying to talk about ? Thank you in advance. Regards, Le lun. 25 mai 2020 à 12:26, Amos Jeffries <squ...@treenet.co.nz> a écrit : > On 25/05/20 9:59 pm, ben benml wrote: > > Hello, > > > > I'm contacting you for some help. > > I need to deploy a secure proxy based on Squid. > > > > I try to use https_port combined with sslbump. I get an error message > > about a bungled line. > > > > The reasons I want to do this : > > - secure connection between the client browser and the proxy server, so > > using https_port to do it. encrypted traffic in TLS between the client > > and the server. > > Fine. Simply using https_port does that. > > > - secure login connection. So I need to use https_port to do this. > > Fine. Simply using https_port does that. > > > - Do ssl inspection of the traffic goeing through the proxy > > Squid does not yet support SSL-Bump decrypt of traffic already being > decrypted for the secure proxy. > > > Please see > <http://lists.squid-cache.org/pipermail/squid-users/2020-May/022120.html> > if > you want details. > > Amos > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users