[squid-users] Have issue with "https_port ssl-bump intercept"
pius
piuschungath at gmail.com
Fri Aug 10 18:05:25 UTC 2018
I am getting IP address of the client instead of the domain name I requested.
I am trying curl -iv https://www.google.com from a client machine
(10.222.17.106). I am not getting google.com in the access log and getting
TCP_DENIED. Looks like traffic is blocked before checking the certificate( I
am not sure ). And HTTP works fine (curl -iv http://www.google.com). I have
included LOG for from both requests. Please help.
##############
HTTPS REQUEST
1533917193.498 0 10.222.25.60 TCP_DENIED/200 0 CONNECT
10.222.17.106:3130 - HIER_NONE/- -
##############
HTTP REQUEST
1533917208.934 35 10.222.25.60 TCP_MISS/200 11561 GET
http://www.google.com/ - HIER_DIRECT/216.58.212.100 text/html
##############
################################################################################
Here is my squid.conf
###############
http_port 3128
http_port 0.0.0.0:3129 ssl-bump \
cert=/etc/squid/ssl_cert/cert.pem \
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
https_port 0.0.0.0:3130 ssl-bump intercept \
cert=/etc/squid/ssl_cert/cert.pem \
generate-host-certificates=on dynamic_cert_mem_cache_size=4MB
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl ssl_exclude_domains ssl::server_name "/etc/squid/exclude_domains.conf"
ssl_bump splice localhost
ssl_bump peek step1 all
ssl_bump splice ssl_exclude_domains
ssl_bump stare step2 all
ssl_bump bump all
--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
More information about the squid-users
mailing list