[squid-users] Help with squid 4.5. on centos 6.6. filter Https
Amos Jeffries
squid3 at treenet.co.nz
Fri Jun 5 22:53:08 UTC 2015
On 6/06/2015 2:51 a.m., davincy wrote:
> Hi Everybody
>
> Im young and curious with the new theme, filter https with squid
>
Check your local laws before going any further. HTTPS interception and
decryption is illegal in most countries, and even where it is legal may
still require a government license or approval.
> Im from Colombia, Im trying apply the new options of squid but I donĀ“t find
> some directory when you make examples or modification for make funcional
> squid
>
> "squid3" or the directory on opt whit the cert_ssl, ssl_db I need create
> that manually?
"squid3" is the Debian package naming scheme. CentOS work differently.
Configuration should be in /etc/squid/
>
> Im using Shorewall for administrate my Iptables
>
> Someone can help me with some example for centos or explain to me what I
> need do for the directory that not find
>
> thanks, sorry for my english
>
I suggest you start with the 3.5 package
<http://wiki.squid-cache.org/KnowledgeBase/CentOS> provided by Eliezer.
That includes OpenSSL support for these HTTPS features.
The wiki documentation is the next place to go for information. However
be aware that what people are calling "SSL-Bump" is now on its third
generation of features and some of the wiki documents are not exactly up
to date.
The articlaes relevant to Squid-3.5 are:
<http://wiki.squid-cache.org/Features/SslPeekAndSplice>
<http://wiki.squid-cache.org/Features/DynamicSslCert>
<http://wiki.squid-cache.org/Features/MimicSslServerCert>
Amos
More information about the squid-users
mailing list