[squid-users] Transparent proxying, https and Eduroam
Amos Jeffries
squid3 at treenet.co.nz
Wed Mar 9 12:53:50 UTC 2016
On 10/03/2016 12:15 a.m., Vito A. Smaldino wrote:
> Hi guys,
> in my high-school i operate a squid+squidguard box with great satisfaction
> and zero problems; actually it is configured as an explicit proxy.
> Now i need to change the operation mode to implicit (transparent,
> intercept) due to Eduroam policy.
> Googling i found docs and examples all refering to ssl-bump, but this way
> Squid operates as a MITM; i would like to configure squid to simply open a
> tunnel from browser to destination https-site as it does when operating
> explicitily ie without decrypting anyway the traffic.
> Is there a method that i didn't find?
To intercept and pass HTTPS / port 443 through Squid requires SSL-Bump
functionality.
You an avoid the client certificate install, but (for now) Squid still
requires the https_port TLS settings and and "ssl_bump splice all" to
pass port 44 through the proxy
Amos
More information about the squid-users
mailing list