[squid-users] iOS 8 and ssl_bump: Anyone working?

inetjunkmail inetjunkmail at gmail.com
Thu Oct 30 19:30:10 UTC 2014


We have an explicit squid proxy running ssl bump that works fine for iOS 7
but Safari on iOS 8 gives an error stating that "There was a problem
communicating with the secure web proxy server (HTTPS)."  when browsing to
an SSL site that is bumped.

We can wipe an iOS 7 device, add the proxy CA to the trust store, and
successfully browse to an intercepted site.  Doing the same process with
iOS 8 reveals the error.

The error has been reproduced on two other intercepting proxy solutions.

Accessing SSL sites directly or non-intercepted is fine even if the
certificate is self signed or untrusted in any way.

We've tried contacting Apple and they are pressing hard to close the case
saying that they don't support interception; contact the vendor.  The fact
that it works fine with iOS 7, and the same error is reproducible with 3
separate SSL interception proxies suggests to me it's on them.

Is anyone else running into this?  Is anyone else working?

Thanks,
Each
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20141030/3e79a2f1/attachment-0001.html>


More information about the squid-users mailing list