[squid-users] Dropbox and GoogleDrive apps won't connect with SSLBump enabled
Stanford Prescott
stan.prescott at gmail.com
Mon Aug 31 22:54:28 UTC 2015
Yes, SSLBump still works with the web apps, but it would be a lot more
convenient if the mobile apps would also work.
Does anyone know how to pin Squid's self-signed certificate's public key to
Googledrive and Dropbox so that it would work with SSLBump enabled?
Stan
On Mon, Aug 31, 2015 at 3:29 PM, Yuri Voinov <yvoinov at gmail.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> BTW, GoogleDrive web application still works with bump. Use it, Luke ;)
>
> 01.09.15 2:21, Jason Haar пишет:
> > On 01/09/15 02:59, Shane King wrote:
> >> Accessing via the browser may work but the sync clients that sit in
> >> the system tray use certificate pinning I believe. So if certificate
> >> pinning is being used, ssl bumping will not work. You will see an
> >> alert message in the pcap followed by a connection termination.
> >
> > This stopped working for me last week - I suspect there was an update or
> > something
> >
> > Really frustrating: one of the primary reasons I want to do TLS
> > intercept is to AV all the viruses published on dropbox!!!
> >
> > If the Cloud providers go full pinning, the future of TLS Intercept is
> bleak
> >
> >
> >
> >
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQEcBAEBCAAGBQJV5LkrAAoJENNXIZxhPexGH9oH/AyK089Jek7yb/YPB16jAKPJ
> LnKgKPQ4r8lu3wm5o4JuOXF6mun79fGVW9dymB5rasTJlHiCHrvXEK4G2KqyRg3B
> 57TdvHuLhHr+IE0jcpMpk6n/pbdHzYJwkbplTd9HNApw+/LJpfxXVzQZsspJJC58
> e12pMXL+i5Dv2vEYLEeySVnDN0mtuBdxD7lxDWFDFDbfBZvoGHEptOQYR3lelEet
> xEIds+sNYrjYPK8a9BuiKSK0IqQ5mxhsbUIg4Z7LxyKv3+sTV+aW3HMdKkMoc5t8
> bPCHec1eIxU7p9lgyKGn2HXtV1WQ5MAeOuI9YHGqdeSfgCPfT1wYF2imiHC9ez8=
> =2wPb
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150831/dc835565/attachment.html>
More information about the squid-users
mailing list