[squid-users] windowsupdate and ssl_bump
Josep Borrell
jborrell at central.aplitec.com
Mon Oct 20 06:35:17 UTC 2014
Hi Amos,
If you need something to take a look let me know.
Thanks
Josep
-----Mensaje original-----
De: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] En nombre de Amos Jeffries
Enviado el: domingo, 19 de octubre de 2014 22:32
Para: squid-users at lists.squid-cache.org
Asunto: Re: [squid-users] windowsupdate and ssl_bump
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 18/10/2014 8:56 p.m., Josep Borrell wrote:
> Hi,
>
> We are using a 3.4.8 squid Proxy in intercept mode via wccp. Squid
> intercepts HTTP and HTTPS via ssl_bump. All is working fine except
> that Windows Machines can't do a Windows Update. It is not working at
> all giving an error 80072F8F with HTTPS redirection disabled all work
> fine.
>
> Someone knows how to maintain the SSL interception with a functional
> Windows Update ?
Windows Update has always done a "call home" CONNECT rquest to port
443 to verify the licensing or something. It may or may not actually be HTTPS.
I would look into what is happening with those requests with your bumping setup.
Amos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
iQEcBAEBAgAGBQJURB+6AAoJELJo5wb/XPRjGzQH/jOWkNZMTRIL0X87hmPLYjEd
L1qoE4F+/Phh+d3aMl9EJxhdWQ6BuYOdNGTrL1Jpq4/37xFxUj3vCuZ638iY6Mad
ETQYTwb1oiX5vzJs0P/VaswJeQ36pR5yAMP0RmS3Y2uBTxeD9kSjQLwiwezt0BKI
obUqwJHcGS+K8CXsLfJle4ivIDkOy+BNFt/ujOYjjQ8UaY1Sg2GLZU2rtCFOoqav
05p62E4/jVkrBUP7o4AXFJADXHjaH/73FB/XY517vWp8R181xz6eWYcbkF8zdhzA
TixCnmt83mJEH5AdkNpl4IRRzaIPP4KsBTUUE4LN9cHH/ZS9ZQHPc2bKVVjr/aU=
=g5io
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list