[squid-users] Help troubleshooting proxy<-->client https
Alex Rousskov
rousskov at measurement-factory.com
Fri Jun 2 16:05:11 UTC 2017
On 06/01/2017 01:26 PM, Alex Rousskov wrote:
> On 06/01/2017 11:29 AM, Alex Rousskov wrote:
> * HTTPS proxy is a rarely used feature that works well for some.
> * SslBump is a frequently used feature that works well enough for some.
> Disclaimer: I do not know of anybody using the _combination_ of the
> above two features, and I do not recall whether such a combination is
> already supported. Please post once you figure it out.
I just confirmed that Squid does _not_ support the above combination. An
https_port with an ssl-bump option requires either "tproxy" or
"intercept" mode, which are both incompatible with HTTPS proxy mode.
Until the above combination is supported, you have to pick between using
HTTPS proxy and using SslBump.
http://wiki.squid-cache.org/SquidFaq/AboutSquid#How_to_add_a_new_Squid_feature.2C_enhance.2C_of_fix_something.3F
Alex.
More information about the squid-users
mailing list