[squid-users] Mac OS X Updates

John Pearson johnpearson555 at gmail.com
Mon Aug 24 16:04:47 UTC 2015

Thanks! That's what I figured. I wanted to see if anyone in the community
had better ideas or another way.

On Mon, Aug 24, 2015 at 4:52 AM, Kinkie <gkinkie at gmail.com> wrote:

> Hi John,
>   according to the article you link to, it's not possible to cache these
> updates: Apple puts some effort as a conscious choice to make it so.
>   Updates for older versions of MacOS may be over HTTP, newer ones are
> over HTTPs over port 443 and and dynamically-generated ports. HTTP could be
> cached, https cannot without ssl-bump/peek-n-splice (SSL man-in-the-middle).
>   The wording of the article seems to suggest that the list of trusted
> issuers of certificates for the https service is not the same as the
> system's CA root certificate store but is probably locked to Apple's. This
> means that also SSL MITM is not possible, by design.
> On Wed, Aug 19, 2015 at 9:20 PM, John Pearson <johnpearson555 at gmail.com>
> wrote:
>> Anyone have Mac OS X update caching working ? Without doing a SSL bump. I
>> think they are hosted through https (
>> https://support.apple.com/en-us/HT202943 )
>> Thanks!
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
> --
>     Francesco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150824/50a547dd/attachment.html>

More information about the squid-users mailing list