[squid-users] ssl-bump

leomessi983 at yahoo.com leomessi983 at yahoo.com
Wed Feb 27 15:11:39 UTC 2019


-
-
-
-
-
Hi all
Can i use this conf only for blocking purpose?!Is set dynamic_cert_mem_cache_size=0MB wrong?I have more than 1000 clients and i only want to block http and https pages and show err page for both of those. 
 
My configurations is like this:
-----------------------------------------
https_port 3130 tproxy ssl-bump \
        cert=/etc/squid/ssl_cert/myCA.pem \
        generate-host-certificates=off dynamic_cert_mem_cache_size=0MB
sslcrtd_program /usr/lib64/squid/security_file_certgen


acl blk ssl::server_name "/var/blk.list"
ssl_bump bump blk
http_access deny blk
acl step1 at_step SslBump1ssl_bump peek step1
ssl_bump splice all
-------------------------------------

tanx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20190227/72a9f78a/attachment.html>


More information about the squid-users mailing list