[squid-users] Squid 3 SSL bump: Google drive application could not connect

Rafael Akchurin rafael.akchurin at diladele.com
Tue Dec 30 17:39:32 UTC 2014


Hello Yuri,

Luckily the same topic was just discussed on our forum – please see if this can help https://groups.google.com/d/msg/quintolabs-content-security-for-squid-proxy/GKIV3FpYSBE/9IET-4hg_tEJ

It describes the iptables settings for successful SSL bump exclusions for Dropbox clients / Google Drive / iTunes (bypassing SSL Bump because of SSL Pinning).

Best regards,
Raf

From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Rafael Akchurin
Sent: Tuesday, December 30, 2014 4:23 PM
To: Yuri Voinov; squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Squid 3 SSL bump: Google drive application could not connect


​Only exclusion from SSL Bump as far as I know.



raf

________________________________
From: Yuri Voinov <yvoinov at gmail.com<mailto:yvoinov at gmail.com>>
Sent: Tuesday, December 30, 2014 3:19 PM
To: Rafael Akchurin; squid-users at lists.squid-cache.org<mailto:squid-users at lists.squid-cache.org>
Subject: Re: [squid-users] Squid 3 SSL bump: Google drive application could not connect


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

May be.

Does workaround exists?

30.12.2014 20:09, Rafael Akchurin ?????:
> SSL Pinning? (I know Dropbox does this)

>

> my two cents only :)

>

> Raf

>

> ________________________________________

> From: squid-users <mailto:squid-users-bounces at lists.squid-cache.org>
<squid-users-bounces at lists.squid-cache.org><mailto:squid-users-bounces at lists.squid-cache.org> on behalf of Yuri Voinov <mailto:yvoinov at gmail.com>
<yvoinov at gmail.com><mailto:yvoinov at gmail.com>

> Sent: Tuesday, December 30, 2014 2:12 PM

> To: <mailto:squid-users at lists.squid-cache.org>
squid-users at lists.squid-cache.org<mailto:squid-users at lists.squid-cache.org>

> Subject: [squid-users] Squid 3 SSL bump: Google drive application could not     connect

>

> Hi gents,

>

> I found strange issue.

>

> Squid 3.4.10. Intercept. HTTPS bumping. All works fine. All configs correct.

>

> Whenever all web https sites works perfectly - especially in Chrome,

> most cloud clients works like charm (SpiderOak is!), Google Drive client

> application (PC) could not work.

> Note: Web Google Docs works. Web Google drive works.

>

> Note: Google support info - even I if pass dozen Google URL's without

> bump - cannot help. It doesn't work when server-first bumping is on and

> works othervise.

>

> So, the Serious Question is: Why? :)

>

> Any idea?

>

>

>

>

> _______________________________________________

> squid-users mailing list

> <mailto:squid-users at lists.squid-cache.org>
squid-users at lists.squid-cache.org<mailto:squid-users at lists.squid-cache.org>

> <http://lists.squid-cache.org/listinfo/squid-users>
http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJUorRuAAoJENNXIZxhPexGRPEH/0Vlh/kZINRlo3IaDe/9UYSW
M0oaXQemB2Wg/wvNMdZ8SA3F4dUJUuHgS/y7FXcCgP/KgWnudsoJ7oPiHEVNPzt3
L8K7rNPy3d/c/+baXilh4/xErp/mAOKU/mLBqd0GQYQ2N7bAsWpsWqt7/dTGxWkU
kLVgFJr9JblxVdABAZ7JTooye3bLskdrAB/865vZOyQcveozW6d4TKZwaEGFrq/d
b/3Mki4T6YLMG248jVN+43W2us6Z598geDLn8aJN+zb/s6TBEzxy1d5tUROM4a2A
1rE7B92o+9leZi+JdQAGX4l7Um1WVmrnih52w+Pxz/PR/k7Hz+fCcQBlUtsqvMk=
=Lf+I
-----END PGP SIGNATURE-----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20141230/465e94a2/attachment.html>


More information about the squid-users mailing list