[squid-users] chromium based browsers don't play a video, when sslbump is enabled
Dieter Bloms
squid.org at bloms.de
Wed Jan 20 11:25:46 UTC 2021
Hello,
I use squid 4.13 with enabled sslbump.
Chromium based browsers like chrome and edge don't play this video
https://admin.wissen-ad.de/storage/TEST/Big_Buck_Bunny_1080_10s_30MB.mp4
The firefox browser and the old internet explorer have no problems.
When I disable sslbumping for this destination the chromium based
browsers work as well.
Here are some parts of my config:
--snip--
http_port MYIP:8080 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=32MB cert=/etc/squid/cert.pem key=/etc/squid/key.pem tls-dh=/etc/squid/dhparams.pem
sslcrtd_program /usr/sbin/security_file_certgen -s /var/cache/squid/sslcert_db -M 32MB
sslcrtd_children 32 startup=10 idle=3
tls_outgoing_options capath=/etc/ssl/certs min-version=1.2
tls_outgoing_options cipher=TLSv1.2:+aRSA:+SHA384:+SHA256:+DH:-kRSA:!PSK:!eNULL:!aNULL:!DSS:!AESCCM:!CAMELLIA:!ARIA:AES256-SHA:AES128-SHA:@SECLEVEL=1
acl nobumping dstdomain "/etc/squid/nohttpsscan.domains"
ssl_bump splice nobumping
ssl_bump bump all
--snip--
with wget or curl I can download the mp4 file in both cases (with and without sslbump)
Can anybody try to view the video in a chromium based browser with enabled sslbump ?
Thank you very much.
--
Regards
Dieter
--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.
More information about the squid-users
mailing list