<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
BTW, man, splice in most cases means "no bump".<br>
<br>
Why do you expect that will happen bumping, if your URL is in splice
ACL?<br>
<br>
10.04.15 20:22, Ashish Patil пишет:<br>
<span style="white-space: pre;">> Hello,<br>
><br>
> I am trying to set up Peek and Splice using Squid 3.5.3. I'm
facing issues<br>
> setting it up for website that have HSTS enabled, like
google.com and<br>
> twitter.com.<br>
><br>
> My squid.conf is:<br>
> http_port 3128 intercept<br>
> https_port 3129 intercept ssl-bump
generate-host-certificates=on<br>
> dynamic_cert_mem_cache_size=4MB
cert=/usr/local/squid/ssl/myCA.pem<br>
> acl step3 at_step SslBump3<br>
> acl sslBumpAllowedDstDomain dstdomain google.co.in<br>
> ssl_bump peek step3 all<br>
> ssl_bump splice sslBumpAllowedDstDomain<br>
> ssl_bump bump all<br>
><br>
><br>
> The output of access.log is:<br>
> 1428674512.281 511 192.168.3.31 TCP_MISS/301 634 GET
<a class="moz-txt-link-freetext" href="http://google.co.in/">http://google.co.in/</a><br>
> - ORIGINAL_DST/173.194.117.23 text/html<br>
> 1428674512.703 348 192.168.3.31 TCP_MISS/302 1106 GET<br>
> <a class="moz-txt-link-freetext" href="http://www.google.co.in/">http://www.google.co.in/</a> - ORIGINAL_DST/173.194.117.24
text/html<br>
> 1428674512.706 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.24:443<br>
> - HIER_NONE/- -<br>
> 1428674512.711 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.24:443<br>
> - HIER_NONE/- -<br>
> 1428674515.883 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674515.956 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674515.965 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674516.006 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674526.310 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674526.327 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674526.335 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
> 1428674526.411 0 192.168.3.31 TAG_NONE/200 0 CONNECT
173.194.117.22:443<br>
> - HIER_NONE/- -<br>
><br>
><br>
> Any input would be welcome.<br>
><br>
><br>
><br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a></span><br>
<br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v2
<br>
<br>
iQEcBAEBCAAGBQJVKALFAAoJENNXIZxhPexGAwAH/jTH4eX6W1RDp12zwGC4Fu8P
<br>
68eLUveFGb+pjtlML/fvBBmihp6QOi1sU/CswbqaowFw/A/dXLmZhdo/nZI474up
<br>
iYpiqZZ2nH2muvXjSU746p6LcjGAv0bHqXkXHQpDqfXnob7v1wJdNYVnthWw+t3Y
<br>
sCxBlTetuvyTO7iCYGZ7bB9oVspb7q4Vd4t7T079KCT2CkuyBOZrcB7IWAqigYoZ
<br>
BnJef33wZ45YCTzRmsbVpUZMZgFsNCtkTuVAXOfBewlwBORxoZ/sIXsecDTKRrJ6
<br>
0QntexRv4f+CBZiXJJvFdyA4U57yw5FHDgLcEFIPdfhW7xnRPxrgU3t9WXclDkc=
<br>
=mGMV
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</body>
</html>