<div dir="ltr"><div>Hello</div><div><br></div><div>I need to setup a squid 3 proxy with https bumping. Unfortunately I'm not very familiar with squid and https in general.</div><div><br></div><div>I already perfomed the following steps:</div><div><br></div><div><b>1.) compile from source</b></div><div>./configure --with-openssl --enable-ssl-crtd<br></div><div>make</div><div>make install</div><div><br></div><div><b>2.) configuration (http)</b><br></div><div>I used this guide: <a href="https://help.ubuntu.com/community/Squid">https://help.ubuntu.com/community/Squid</a></div><div><br></div><div><b>3.) configuration (https)</b></div><div>I used this guide: <a href="http://wiki.squid-cache.org/ConfigExamp">http://wiki.squid-cache.org/ConfigExamp</a> ... mpExplicit</div><div><br></div><div><br></div><div>The server is now working for http and https, but is the server secure, too?</div><div><br></div><div>Is the default config already secure or do I need to configure additional security features? (e.g. things like cert validation, cert pinning, [dont know what's importend], ...)</div><div><br></div><div>Thank you</div></div><div id="DDB4FAA8-2DD7-40BB-A1B8-4E2AA1F9FDF2"><table style="border-top:1px solid #aaabb6;margin-top:30px">
<tr>
<td style="width:105px;padding-top:15px">
<a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" target="_blank"><img src="https://ipmcdn.avast.com/images/logo-avast-v1.png" style="width: 90px; height:33px;"></a>
</td>
<td style="width:470px;padding-top:20px;color:#41424e;font-size:13px;font-family:Arial,Helvetica,sans-serif;line-height:18px">Diese E-Mail wurde von einem virenfreien Computer gesendet, der von Avast geschützt wird. <br><a href="https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" target="_blank" style="color:#4453ea">www.avast.com</a> </td>
</tr>
</table>
<a href="#DDB4FAA8-2DD7-40BB-A1B8-4E2AA1F9FDF2" width="1" height="1"></a></div>