Thank you Alex + Amos :) You've really helped clarify things. I had a final question regarding this setup. Does this configuration only look at the client side part of the SNI request or also the server certificate. If it only looks at the client-side, how would I tell it to look at the server response as well? Thanks. ________________________________ From: squid-users <squid-users-boun...@lists.squid-cache.org> on behalf of Amos Jeffries <squ...@treenet.co.nz> Sent: Wednesday, August 26, 2020 2:03 PM To: squid-users@lists.squid-cache.org <squid-users@lists.squid-cache.org> Subject: Re: [squid-users] Strange Squid SSL Interception Behavior
On 26/08/20 10:39 am, Alex Rousskov wrote: > On 8/25/20 6:15 PM, Mathew Brown wrote: > >> http_access deny CONNECT !SSL_ports >> http_access allow localnet CONNECT > AIUI, this would be better if it works: http_access deny CONNECT !SSL_ports http_access allow CONNECT step1 Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
