[squid-users] Strange Squid SSL Interception Behavior
Mathew Brown
mbrown8918 at outlook.com
Wed Aug 26 11:03:52 UTC 2020
Thank you Alex + Amos :) You've really helped clarify things. I had a final question regarding this setup. Does this configuration only look at the client side part of the SNI request or also the server certificate. If it only looks at the client-side, how would I tell it to look at the server response as well? Thanks.
________________________________
From: squid-users <squid-users-bounces at lists.squid-cache.org> on behalf of Amos Jeffries <squid3 at treenet.co.nz>
Sent: Wednesday, August 26, 2020 2:03 PM
To: squid-users at lists.squid-cache.org <squid-users at lists.squid-cache.org>
Subject: Re: [squid-users] Strange Squid SSL Interception Behavior
On 26/08/20 10:39 am, Alex Rousskov wrote:
> On 8/25/20 6:15 PM, Mathew Brown wrote:
>
>> http_access deny CONNECT !SSL_ports
>> http_access allow localnet CONNECT
>
AIUI, this would be better if it works:
http_access deny CONNECT !SSL_ports
http_access allow CONNECT step1
Amos
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20200826/d574572e/attachment.htm>
More information about the squid-users
mailing list