[squid-users] Non-transparent proxy with cache_peer and ssl_bump
Alex Rousskov
rousskov at measurement-factory.com
Thu Mar 21 03:36:55 UTC 2019
On 3/20/19 9:22 PM, Amos Jeffries wrote:
> On 21/03/19 10:58 am, Alex Rousskov wrote:
>> On 3/20/19 3:23 PM, Yosi Greenfield wrote:
>>
>>> ssl_bump splice step3 NoBump
>>> ssl_bump bump step3
>>
>>> cache_peer proxy2.ourserver.com ... ssl
>> Forwarding most SslBump-related connections to cache_peers is still
>> unsupported by official Squids, including Squid v3 and v4.
> Er, sending the bumped https:// requests to a cache_peer with 'ssl' does
> work, though not advised.
Sending requests bumped at step2 or step3 does not work[1]. Requests
bumped at step1 are a rare and irrelevant-to-the-config-in-question
exception. That is why I said "most".
Alex.
[1] https://github.com/squid-cache/squid/blob/master/src/FwdState.cc#L883
More information about the squid-users
mailing list