Hello For a school project I'm trying to intercept SSL connections by using Squid (client -> squid (transparent) -> server). I'm running Squid 3.1.20 on Ubuntu server 12.10 (64 bit) using the following configuration:
************************************* http_port 10.0.1.1.:3128 intercept https_port 10.0.1.1.:443 ssl-bump cert=/user/local/squid3/ssl_cert/myCA.pm acl our_networks src 10.0.1.0/24 http_access allow our_networks forwarded_for off ssl_bump allow all sslproxy_cert_error allow all sslproxy_flags DONT_VERIFY_PEER ************************************* I've complied squid with SSL support (--enable-ssl). When starting Squid I do not get any error message. Also, proxying http traffic works without any problems. However, when I try to establish a HTTPS session through squid, the client retrieves the SSL certificate from squid, but after accepting it the browser displays an error message from squid that the URL is invalid: "The following error was encountered while trying to retrieve the URL: /. Invalid URL" In the Squid access.log I see the following line: "<timestamp> 0 10.0.1.5 NONE/440 3503 GET / - NONE/- text/html" It appears that squid does strips away the hostname / domain name of the URL the client tries to access, which causes the error message mentioned above. I've already spent hours in finding a solution for this problem and went through dozens of tutorials, unfortunately I wasn't able to find a solution so far. Any ideas what could be wrong? Regards, Heinrich
