[squid-users] SSL intercept in explicit mode

Yuri yvoinov at gmail.com
Wed Mar 14 15:34:52 UTC 2018 

I guess, your using wrong approach.

You trying to find ready-to-use solution for /custom/ configuration.

At maximum, you can find some bricks for this. And anyway you should
build your custom solution yourself.

Bricks is here: https://wiki.squid-cache.org :-)

14.03.2018 20:28, Danilo V пишет:
> Thanks for the explanation.
> Do you have any guide?
>
> Em qua, 14 de mar de 2018 às 10:26, Matus UHLAR - fantomas
> <uhlar at fantomas.sk <mailto:uhlar at fantomas.sk>> escreveu:
>
>     On 13.03.18 14:44, Danilo V wrote:
>     >I mean SSL bump in explicit mode.
>     >So intercept is a essencial requirement for running SSL bump?
>
>     No, you asked for "explicit mode with ssl intercept" which I
>     pointed out is
>     illogical.
>
>
>     >Em ter, 13 de mar de 2018 às 11:10, Matus UHLAR - fantomas <
>     >uhlar at fantomas.sk <mailto:uhlar at fantomas.sk>> escreveu:
>     >> On 13.03.18 13:44, Danilo V wrote:
>     >> >Is it possible/feasible to configure squid in explicit mode
>     with ssl
>     >> >intercept?
>     >>
>     >> maybe you mean SSL bump in explicit mode?
>
>     It is possible to bump explicit proxy.
>
>     >> >Due to architecture of my network it is not possible to implement
>     >> >transparent proxy.
>     >>
>     >> excuse me?
>     >> by "transparent" people mean what we usually call "intercept".
>
>     >> >What would be the behavior of applications that dont support
>     proxy - i.e.
>     >> >dont forward requests to proxy?
>     >>
>     >> they mest be intercepted.
>
>     "must" be intercepted. Since you said that it's not possible
>     transparent (I
>     believe you have meant intercepting) proxy, it's apparently not
>     possible to
>     handle applications that do not support proxy.
>
>     --
>     Matus UHLAR - fantomas, uhlar at fantomas.sk
>     <mailto:uhlar at fantomas.sk> ; http://www.fantomas.sk/
>     Warning: I wish NOT to receive e-mail advertising to this address.
>     Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
>     2B|!2B, that's a question!
>     _______________________________________________
>     squid-users mailing list
>     squid-users at lists.squid-cache.org
>     <mailto:squid-users at lists.squid-cache.org>
>     http://lists.squid-cache.org/listinfo/squid-users
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-- 
"C++ seems like a language suitable for firing other people's legs."

*****************************
* C++20 : Bug to the future *
*****************************

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180314/769d9a42/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20180314/769d9a42/attachment.sig>

More information about the squid-users mailing list