[squid-users] Analyzing encrypted traffic

Amos Jeffries squid3 at treenet.co.nz
Mon Oct 3 04:39:31 UTC 2016


On 3/10/2016 4:34 p.m., Michael Varun wrote:
> Squid will not be able to intercept encrypted traffic; it just does a
> passover using CONNECT to the origin server. You can explore the feature
> SSL_BUMP which will basically help in intercepting encrypted traffic. You
> will need to generate certificates and mimic the clients. There is some
> dependency on HTML HEADERS

I think you mean HTTP headers. HTML has nothing to do with Squid. It is
just opaque payload bytes to any HTTP proxy.


> as well like AUTHORIZATION, CACHE CONTROL and so
> on. I am currently in the same situation as you. I was able to perform GET
> calls towards origin server, but I am getting cache miss most of the time
> and in process of investigating

The HTTP (or HTTPS) headers are not related to SSL-Bump operations. The
TLS layer and the HTTP layer are separate and handled independently.

For the purposes of caching there is no difference between HTTP and
HTTPS messages. The same rules are applied.

<http://wiki.squid-cache.org/Features/SslPeekAndSplice>

Amos


