[squid-users] squid-users Digest, Vol 27, Issue 4
Patrick Flaherty
vze2k3sa at verizon.net
Wed Nov 2 12:06:08 UTC 2016
Message: 5
Date: Wed, 2 Nov 2016 13:09:20 +1300
From: Amos Jeffries <squid3 at treenet.co.nz>
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Can Squid communicate http to clients
connecting to https sites?
Message-ID: <ee0bea25-6a0b-0090-f23f-05bc8d51edb2 at treenet.co.nz>
Content-Type: text/plain; charset=utf-8
On 2/11/2016 12:55 p.m., vze2k3sa wrote:
> Hi,
>
> I have a question around have Squid which is configured to handle all
> company traffic to and from the web. When connecting to an SSL
> website, HTTP Connect is used. Can Squid be configured so all the
> inbound SSL traffic is SSL decrypted and send back to clients as clear text http traffic?
>The CONNECT message *is* clear-text HTTP. So already it is doing what you asked. But I think what you want is not want you are asking for.
>Squid supports receiving requests for https:// URLs from clients on regular TCP connections and will perform the HTTPS part for them.
>Squid also supports clients using TLS to connect to the proxy, then to pass it requests for https:// URLs. There is a sad lack of clients that support doing that though.
>If the client is performing TLS to the origin server, then no. You cannot reply with plain-text HTTP to them. Your only choice in that case is the SSL-Bump feature.
>Amos
Thanks Amos for the reply.
What I'm looking for is to send all client requests http and get replies back as http where I don't care if the internet site requires SSL or not.
If a site does require SSL then can squid handles that where again the responses back to the client are http.
-Patrick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161102/44272940/attachment.html>
More information about the squid-users
mailing list