[squid-users] Add header to SSL requests to my own domain using my domains certs

James Beecham james.d.beecham at gmail.com
Sun Feb 15 22:02:35 UTC 2015


Hello,

Thank you to everyone who works on this great project! I have been using
Squid as an intercept for a while now and am very happy.

I have a high level question regarding SSL_Bump.

My company recently switched to using SSL for our web services, which
requires me to make some changes to the way that we use Squid.

I have a need to place a header value into requests coming to our own
domain (ex. https://www.myhost.com) for proper usage. Before using SSL I
was using request_header_add without any issues and getting perfect
performance. Now with SSL I still need to get a header value into the
requests to our domain.

I do not wish to bump/inspect all traffic over 443, I only wish to add a
header to request to my own domain. Since I am the domain admin I have
access to the certs from the CA. I understand how acls work and am not
concerned about setting this up.

I would like to know what you all think about using our domains actual
certs (www.myhost.com) to bump only that domain and add the header field
that I need. Will this allow me to modify the header without the client
knowing or their browser telling them about man in the middle? My knowledge
of SSL/TLS is low but growing everyday.

Thank you for your attention and please ask more questions if my situation
is not clear.'

James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20150215/b6e86992/attachment.html>


More information about the squid-users mailing list