[squid-users] Squid doesn't use domain name as a request URL in access.log when splice at step 3 occurs
Garri Djavadyan
garryd at comnet.uz
Fri Nov 4 17:56:46 UTC 2016

On 2016-11-04 19:42, Amos Jeffries wrote:
> On 5/11/2016 1:43 a.m., Garri Djavadyan wrote:
>> The configuration for splice at step 3:
>>
>> # diff etc/squid.conf.default etc/squid.conf
>> 73a74,78
>>> https_port 3129 intercept ssl-bump cert=etc/ssl_cert/myCA.pem
>> generate-host-certificates
>>> acl StepSplice at_step SslBump3
>>> ssl_bump splice StepSplice
>>> ssl_bump peek all
>>> logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un
>> %Sh/%<a %mt %ssl::>sni
>>
>>
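Review bot: the `logformat squid ...` line at the end of this hunk reuses the built-in format name `squid` while appending `%ssl::>sni`, so anything that parses access.log as the stock format will meet an unexpected extra column. Consider defining the format under a distinct name and pointing an `access_log` line at it, with a short comment explaining that the trailing field is the client-supplied SNI.
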
>> The result:
>> 1478256303.420 574 172.16.0.21 TCP_TUNNEL/200 6897 CONNECT
>> 104.124.119.14:443 - ORIGINAL_DST/104.124.119.14 - www.openssl.org
>>
>>
>> Is it a bug or intended behavior? Thanks.
>>
>
> The person (Christos) who designed that behaviour is not reading this
> mailing list very often.

Does it mean a bug report would have better chances to get noticed?

> AFAIK, it depends on what the SubjectAltName field in the certificate
> provided by 104.124.119.14 contains.

The SubjectAltName field's value in the certificate is:

Not Critical
DNS Name: www.openssl.org
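
For anyone analysing logs produced with the logformat quoted above, the following is an added example (not part of the original thread and not Squid code) that parses such lines and, for CONNECT entries logged as a bare IP:port, reports the SNI as the host. The names `parse_line`, `display_host` and `sni_filled` are hypothetical, and the second sample line is constructed.

```python
import ipaddress
import re

# Field order follows the logformat in the post:
# %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %[un %Sh/%<a %mt %ssl::>sni
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d{3})\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<status>[A-Z_]+)/(?P<code>\d{3})\s+(?P<size>\d+)\s+(?P<method>\S+)\s+"
    r"(?P<url>\S+)\s+(?P<user>\S+)\s+(?P<hier>[A-Z_]+)/(?P<peer>\S+)\s+"
    r"(?P<mime>\S+)\s+(?P<sni>\S+)$"
)

# First entry is the log line from the post (re-joined onto one line);
# the second is constructed to show a tunnel without SNI.
SAMPLE_LOG = [
    "1478256303.420    574 172.16.0.21 TCP_TUNNEL/200 6897 CONNECT "
    "104.124.119.14:443 - ORIGINAL_DST/104.124.119.14 - www.openssl.org",
    "1478256310.101    120 172.16.0.21 TCP_TUNNEL/200 512 CONNECT "
    "203.0.113.7:443 - ORIGINAL_DST/203.0.113.7 - -",
]

def is_ip_authority(url):
    """True when a CONNECT target is IP:port (IPv4 or [IPv6]) rather than a name."""
    host = url.rsplit(":", 1)[0].strip("[]")
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def parse_line(line):
    """Parse one access.log line; return None if it does not match the format."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    port = rec["url"].rsplit(":", 1)[-1]
    rec["display_host"] = rec["url"]
    rec["sni_filled"] = False
    # The SNI is whatever the client sent; keep the logged IP in rec["url"]
    # so the two can be compared during analysis.
    if rec["method"] == "CONNECT" and is_ip_authority(rec["url"]) and rec["sni"] != "-":
        rec["display_host"] = f'{rec["sni"]}:{port}'
        rec["sni_filled"] = True
    return rec
```
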