[squid-users] Squid-4.6 compile errors
Amos Jeffries
squid3 at treenet.co.nz
Sat Apr 13 14:03:36 UTC 2019
On 14/04/19 12:14 am, Pedro Daniel Costa wrote:
> Hi guys
>
>
> I am a newbie initiating on squid, i have managed to download squid-4.6
> on my ubuntu server and i am trying to compile it for transparente proxy
> mode with https
>
>
>
> But Its giving me compile errors apparently if I enable –enable-ssl option.
>
That build option does not exist in Squid-4 (nor v3.5).
<http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.28-RELEASENOTES.html#ss4.3>
>
> I read on the changelogs that ssl apparently has been removed on latest
> version 4.6
>
>
> Can someone advise me on the configuration compile mode example that I
> can use in order to compile 4.6 version successfully ?
>
Make sure the libssl-dev package in installed and has version 1.1 or later.
Then use --with-openssl to build Squid.
>
> Also is it true that we can now cache https content without installing
> intercept certificates on clients devices?
This is not true.
To cache HTTPS the traffic has to be decrypted.
To decrypt, the client has to accepts Squids TLS handshake certificate.
To accept a cert, at least one CA from its signing/Issuer chain must be
installed by the client.
> Or we do still need to
> install the client browser certificate on the client browser side?
"client browser certificate" does not mean what you seem to think it means.
> As I
> have read some example of installing the certificate automatically on
> the client side using the root ca1 ?
>
I suspect you have misread something. Please provide a citation or link
to that source.
HTH
Amos
More information about the squid-users
mailing list