[squid-users] Two questions regarding ssl_bump and peek/splice.
squid3 at treenet.co.nz
Tue Apr 19 14:40:41 UTC 2016
On 20/04/2016 1:16 a.m., Markey, Bruce wrote:
> Can anyone point me to a deep dive or something like that about how
> ssl_bump and peek/splice etc work? The more technical the better. I
> don't want to ask a ton of questions about some of the errors I'm
> getting without fully understanding what is going on.
The most technical you can get is to read the code itself. Second best
would be <http://wiki.squid-cache.org/Features/SslPeekAndSplice>.
> I currently have squid working almost the way I want it, with just a
> few remaining issues. One of them being is that with ssl sites I
> seem to get a lot of "not private, cert authority" messages then I
> have to add that site to an acl to not be bumped. Regarding my
> first question, I want to understand why.
Odd. Neither OpenSSL nor Squid produce a message saying that.
> My second question I think is a quickie. Can you run 2 log files?
> Reason being is that I use squidanalyzer and it only reads the
> standard log format. But there are better log formats for what I'm
> doing. I'd like to keep dual logs while I work on my own analyzer
> that reads that log file. You can see the logformat line commented
> out along with some other log lines.
Yes. Just put multiple access_log lines in. One for each file/output you
More information about the squid-users