[squid-users] Two questions regarding ssl_bump and peek/splice.

Amos Jeffries squid3 at treenet.co.nz
Tue Apr 19 14:40:41 UTC 2016

On 20/04/2016 1:16 a.m., Markey, Bruce wrote:
> Can anyone point me to a deep dive or something like that about how
> ssl_bump and peek/splice etc work? The more technical the better.   I
> don't want to ask a ton of questions about some of the errors I'm
> getting without fully understanding what is going on.

The most technical you can get is to read the code itself. Second best
would be <http://wiki.squid-cache.org/Features/SslPeekAndSplice>.

> I currently have squid working almost the way I want it, with just a
> few remaining issues.  One of them being is that with ssl sites I
> seem to get a lot of "not private, cert authority" messages then I
> have to add that site to an acl to not be bumped.    Regarding my
> first question, I want to understand why.

Odd. Neither OpenSSL nor Squid produce a message saying that.

> My second question I think is a quickie.  Can you run 2 log files?
> Reason being is that I use squidanalyzer and it only reads the
> standard log format.  But there are better log formats for what I'm
> doing. I'd like to keep dual logs while I work on my own analyzer
> that reads that log file.   You can see the logformat line commented
> out along with some other log  lines.

Yes. Just put multiple access_log lines in. One for each file/output you


More information about the squid-users mailing list