[squid-users] Use additional details in SAN field to build ACLs

Ahmad, Sarfaraz Sarfaraz.Ahmad at deshaw.com
Tue Jun 19 03:36:46 UTC 2018


Can I leverage other information available in a server certificates's SAN field to build my ACLs ?
Here's a sample from the SAN field ,
DNS Name=abc.example.com
IP Address=

I haven't tried it but would using ssl::server_name_regex work to match IP=10.0.97.* work?
Also I couldn't find a way to capture ssl::server_name (that Squid builds as described in the "acl" directive doc) in the logs. Logformat directive has only some bits of ssl information.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180619/a3dccb3e/attachment.html>

More information about the squid-users mailing list