[squid-users] How to setup a secure(!) squid proxy
startrekfan
startrekfan75 at freenet.de
Fri Jan 15 10:13:41 UTC 2016
Hello
I`m sorry. I'm not a native speaker so I maybe don't find the right words.
I'd like to setup a proxy that can scan the incoming traffic for virus
(squidclamav). To do that for a https/ssl connection I need the squid
ssl-bump feature or is there an other solution?
Now I want to setup the ssl-bump feature as safe as using no ssl-bump. Is
this possible with squid 3.4? (Of course every one who has my CA cert can
decrypt the traffic, but I keep it safe.)
Squid is communicating with the remote server(webserver). I'd like to have
at least this communication as safe as using a normal browser.
Does squid 3.4 do all the necessary steps like checking the certificate
validity? What about advanced features like cert pinning?
How do I configure ssl virus scanning? Are this steps enough:
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit
Thank you again :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160115/0e56d268/attachment.html>
More information about the squid-users
mailing list