[squid-users] Squid 3.5.17 SSL-Bump Step1

admin admin at tisiz72.ru
Tue May 17 03:08:05 UTC 2016


Thanks for answer, Alex! 

Alex Rousskov писал 2016-05-17 00:24:

> When access is prohibited via http_access deny, Squid needs to send an
> "Access Denied" error response to the user (this is how http_access
> works). To send that error to the user, Squid needs to establish a
> secure connection with the user (this is how HTTPS works). To do that,
> Squid has to use its own SSL certificate (this is how SSL works).
> 
> If you want to use a splice-or-terminate design, do not deny access via
> http_access. Limit yourself to "ssl_bump terminate" rules.

Is feature planned to squid gave when ERR_ACCESS_DENIED then terminate?

What are some other ways to deny HTTPS in intercept mode?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160517/75b480d8/attachment.html>


More information about the squid-users mailing list