<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Transparent SSL Bump interception, eh?<br>
    <br>
    <div class="moz-cite-prefix">20.02.15 15:14, Ilya Karpov пишет:<br>
    </div>
    <blockquote
      cite="mid:93616B9A-9EE9-4FE8-8A5B-70F9EC3FA773@gmail.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <div class="">Hi guys,</div>
      <div class="">can anyone suggest solution to make following
        scenario work using squid:</div>
      <div class=""><br class="">
      </div>
      <div class="">step1. </div>
      <div class="">Client(actually server application) calls <a
          moz-do-not-send="true" href="http://example" class="">HTTP://example</a>.org
        squid via proxy.</div>
      <div class=""> |</div>
      <div class="">V </div>
      <div class="">step2. </div>
      <div class="">Proxy(Squid) understands that all calls to <a
          moz-do-not-send="true" href="http://example.org" class="">HTTP://example.org</a> should
        be changed to <a moz-do-not-send="true"
          href="httpS://example.org" class="">HTTPS://example.org</a>,
        trusts CA that uses <a moz-do-not-send="true"
          href="http://example.org" class="">example.org</a> and knows
        client certificate to use for https client authentication</div>
      <div class="">
        <div class=""> |</div>
        <div class="">V </div>
      </div>
      <div class="">step3.</div>
      <div class="">Origin(some server in internet) accepts https
        request, authenticates client, returns response</div>
      <div class=""><br class="">
      </div>
      <div class="">The main aim is to make client know nothing about
        https complexity (storing certificates/keys, knowing specific
        algorithms etc), and make squid manage this things.</div>
      <div class=""><br class="">
      </div>
      <br class="">
      <div apple-content-edited="true" class="">
        <span class="Apple-style-span" style="border-collapse: separate;
          border-spacing: 0px;">
          <div class="">Best regards,</div>
          <div class="">Ilya Karpov</div>
          <div class=""><a moz-do-not-send="true"
              href="mailto:karpoftea@gmail.com" class="">karpoftea@gmail.com</a></div>
          <div class=""><br class="">
          </div>
        </span><br class="Apple-interchange-newline">
      </div>
      <br class="">
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
squid-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a>
<a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>