[squid-users] ssl_bump with cache_peer problem: Handshake fail after Client Hello.
maple
maple.feng.wang at hotmail.com
Thu Nov 5 06:44:55 UTC 2015
hi Amos,
what did you exactly refer to for "These particular use-case issue"? it
means in 3.5+, cache_peer can be used with ssl_bump together smoothly? or It
resolves the integration problem between squid and proxychains?
anyway, I have already upgraded my squid to 3.5.9, but neither for
cache_peer used with ssl_bump nor squid with proxychains works.
for cache_peer used with ssl_bump:
http_access allow all
http_port 3128 intercept
https_port 3129 cert=/etc/squid/ssl_cert/squid.crt
key=/etc/squid/ssl_cert/private.key ssl-bump intercept
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
ssl_bump peek all
ssl_bump bump all
cache_peer 127.0.0.1 parent 12345 0 no-query no-digest default
never_direct allow all
for squid with proxychians:
http_access allow all
http_port 3128 intercept
https_port 3129 cert=/etc/squid/ssl_cert/squid.crt
key=/etc/squid/ssl_cert/private.key ssl-bump intercept
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
ssl_bump peek all
ssl_bump bump all
always_direct allow all
proxychains4 -f proxychains.conf squid -f /etc/squid/squid.conf
for proxychians + squid, it looks like proxychians still can chain squid
with my parent proxy up.
anything I did wrong?
best regards.
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/ssl-bump-with-cache-peer-problem-Handshake-fail-after-Client-Hello-tp4672064p4674388.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users
mailing list