[squid-users] Mac OS X Updates
John Pearson
johnpearson555 at gmail.com
Mon Aug 24 16:04:47 UTC 2015
Thanks! That's what I figured. I wanted to see if anyone in the community
had better ideas or another way.
On Mon, Aug 24, 2015 at 4:52 AM, Kinkie <gkinkie at gmail.com> wrote:
> Hi John,
> according to the article you link to, it's not possible to cache these
> updates: Apple puts some effort as a conscious choice to make it so.
>
> Updates for older versions of MacOS may be over HTTP, newer ones are
> over HTTPs over port 443 and and dynamically-generated ports. HTTP could be
> cached, https cannot without ssl-bump/peek-n-splice (SSL man-in-the-middle).
> The wording of the article seems to suggest that the list of trusted
> issuers of certificates for the https service is not the same as the
> system's CA root certificate store but is probably locked to Apple's. This
> means that also SSL MITM is not possible, by design.
>
>
> On Wed, Aug 19, 2015 at 9:20 PM, John Pearson <johnpearson555 at gmail.com>
> wrote:
>
>> Anyone have Mac OS X update caching working ? Without doing a SSL bump. I
>> think they are hosted through https (
>> https://support.apple.com/en-us/HT202943 )
>>
>> Thanks!
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>>
>>
>
>
> --
> Francesco
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150824/50a547dd/attachment.html>
More information about the squid-users
mailing list