[squid-users] ssl intercept and forward to privoxy
Amos Jeffries
squid3 at treenet.co.nz
Fri Mar 30 01:30:52 UTC 2018
On 30/03/18 12:01, teapot wrote:
> Hi, I'm attempting to set up squid to perform SSL interception and route its
> traffic through tor, and I'm a bit stuck. I've started with this guide
> <https://wiki.vpsget.com/index.php/Squid+Privoxy+Tor> .
>
> This works for HTTP traffic, but does not work for SSL; for the latter I get
> the error 'kid1| assertion failed: PeerConnector.cc:116: "peer->use_ssl"'
> from squid; however if I add the 'ssl' directive to the cache_peer, neither
> type of connection will work.
HTTPS requires a secure connections. You cannot send it as plain-text.
Apparently privoxy does not support receiving TLS.
>
> Is privoxy truly required for this? If I have understood this thread
> <http://squid-web-proxy-cache.1019090.n4.nabble.com/ERR-CANNOT-FORWARD-with-Squid-Privoxy-td4681111.html>
> correctly, once the CONNECT is received by squid it cannot then recreate
> that command to a peer and the SSL connection will fail. However, the only
> other discussions of this topic I have found say that squid cannot send
> directly to a listening tor service.
Yes. TOR protocol is not HTTP protocol nor is it HTTPS protocol.
Amos
More information about the squid-users
mailing list