[squid-users] squid http & https intercept based on DNS server
James Lay
jlay at slave-tothe-box.net
Thu Nov 12 12:08:48 UTC 2015
On Thu, 2015-11-12 at 09:37 +0300, Ahmad Alzaeem wrote:
> Sorry , didn’t understand , could you explain more ??
>
> cheers
>
> -----Original Message-----
> From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of James Lay
> Sent: Thursday, November 12, 2015 12:29 AM
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] squid http & https intercept based on DNS server
>
> On 2015-11-11 12:23, Ahmad Alzaeem wrote:
> > Hi guys
> >
> > I want to ask a question
> >
> > Assume I have a dns server that resolve all the names to the ip of
> > squid
> >
> > So we will have all websites go to squid
> >
> > The question is being asked here is :
> >
> > If I used squid in intercept mode
> >
> > Will I be able to handle http & https traffic without adding cert and
> > CA in the clients browsers' ??
> >
> > Again
> >
> > Will I have issues with Https in certs ?
> >
> > cheers
> > _______________________________________________
> > squid-users mailing list
> > squid-users at lists.squid-cache.org
> > http://lists.squid-cache.org/listinfo/squid-users
>
> No. Certain clients don't even use DNS, but a hardcoded IP (I'm looking at you TextNow).
>
> James
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
Some applications (I'm thinking mobile apps) may or may not use a
hostname...some may simply connect to an IP address, which makes control
over DNS irrelevant at that point. Hope that helps.
James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20151112/f6537b59/attachment.html>
More information about the squid-users
mailing list