[squid-users] Squid doesn't use domain name as a request URL in access.log when splice at step 3 occurs
squid3 at treenet.co.nz
Fri Nov 4 14:42:45 UTC 2016
On 5/11/2016 1:43 a.m., Garri Djavadyan wrote:
> The configuration for splice at step 3:
> # diff etc/squid.conf.default etc/squid.conf
>> https_port 3129 intercept ssl-bump cert=etc/ssl_cert/myCA.pem
>> acl StepSplice at_step SslBump3
>> ssl_bump splice StepSplice
>> ssl_bump peek all
>> logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un
> %Sh/%<a %mt %ssl::>sni
> The result:
> 1478256303.420 574 172.16.0.21 TCP_TUNNEL/200 6897 CONNECT
> 126.96.36.199:443 - ORIGINAL_DST/188.8.131.52 - www.openssl.org
> Is it a bug or intended behavior? Thanks.
The person (Christos) who designed that behaviour is not reading this
mailing list very often.
AFAIK, it depends on what the SubjectAltName field in the certificate
provided by 184.108.40.206 contains.
More information about the squid-users