[squid-users] Have issue with "https_port ssl-bump intercept"
Alex Rousskov
rousskov at measurement-factory.com
Fri Aug 10 20:28:04 UTC 2018
On 08/10/2018 01:04 PM, pius wrote:
> I had an ACL whitelist for IPs. I tried the test again removing that.
Sounds more like a blacklist than whitelist if removing the rule
_allows_ the request.
> Now I get an error TAG_NONE/200 0 CONNECT.
That is a good sign. The fake CONNECT request was not denied. Please
post all the access.log lines as you did before to show the whole picture.
And what does curl say?
> Still, I am not getting server IP or domain name and
> got squid IP instead. (10.222.17.106:3130).
Ignore that detail for now.
> Does that mean, the request is still blocked in step 1 Or is that Google
> won't accept fake CONNECT request?
Neither, and Google does not receive CONNECT requests (fake or real) --
they are handled internally by Squid.
Please see the following wiki page for what is really going on at
various steps: https://wiki.squid-cache.org/Features/SslPeekAndSplice
HTH,
Alex.
More information about the squid-users
mailing list