[squid-users] howto disable tls compression when using sslbump in squid-3.5.5 between squid and https webserver ?

Dieter Bloms squid at bloms.de
Tue Jun 9 14:33:32 UTC 2015


Hello,

I use squid 3.5.5 and use the sslbump feature.
When I activate sslbump, the browsertest on www.ssllabs.com
( https://www.ssllabs.com/ssltest/viewMyClient.html )
says TLS compression is activated and insecure.
I use openssl 1.0.1m on my proxyserver

I tried some settings like:

sslproxy_flags No_Compression

but squid claims "FATAL: Unknown ssl flag 'No_Compression'".

Is it possible to disable TLS compression for the connection from squid
to the webserver when sslbump is used ?

Thank you very much.


-- 
Regards

  Dieter Bloms

--
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.


More information about the squid-users mailing list