[squid-users] difference of settings doing the same as it seems
Walter H.
Walter.H at mathemainzel.info
Thu Nov 14 19:06:36 UTC 2019
Hello,
I found out something strange
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
acl nobumpsites ssl::server_name "/etc/squid/sslnobumpsites-acl.squid"
# I had these 3 settings - most worked, but only a few hosted at
cloudflare worked: problems with SNI there, but only there
#ssl_bump stare step1 all
#ssl_bump splice nobumpsites
#ssl_bump bump all
# so I did these 3 settings
ssl_bump peek step1
ssl_bump splice nobumpsites
ssl_bump stare all
the file above contains server names where no SSL interception should be
done, e.g. banking;
can someone explain the difference between these two ways - the
commented ones and the other 3 settings?
Thanks,
Walter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3491 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20191114/dd1f73ad/attachment.bin>
More information about the squid-users
mailing list