[squid-users] Analyzing encrypted traffic
Michael Varun
michael.varun at inmobi.com
Mon Oct 3 05:25:25 UTC 2016
Yeah, My bad i meant as HTTP HEADER and not HTML HEADER
Thanks for your input Amos, Just kicking off exploring squid
On Mon, Oct 3, 2016 at 10:09 AM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> On 3/10/2016 4:34 p.m., Michael Varun wrote:
> > squid will not be able to intercept encrypted traffic it just does a
> > passover using CONNECT to the origin server . You can explore the feature
> > SSL_BUMP which will basically help in intercepting encrypted traffic. You
> > will need to generate certificates and mimick the clients There are some
> > dependency on HTML HEADERS
>
> I think you mean HTTP headers. HTML has nothing to do with Squid. It is
> just opaque payload bytes to any HTTP proxy.
>
>
> > as well like AUTHORIZATION ,CACHE CONTROL and so
> > on. I am currently in same situation as you. I was able to perform GET
> > calls towards origin server ,But i am getting cache miss most of the time
> > and in process of investigating
>
> The HTTP (or HTTPS) headers are not related to SSL-Bump operations. The
> TLS layer and the HTTP layer are separate and handled independently.
>
> For the purposes of caching there is no difference between HTTP and
> HTTPS messages. The same rules are applied.
>
> <http://wiki.squid-cache.org/Features/SslPeekAndSplice>
>
> Amos
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
--
_____________________________________________________________
The information contained in this communication is intended solely for the
use of the individual or entity to whom it is addressed and others
authorized to receive it. It may contain confidential or legally privileged
information. If you are not the intended recipient you are hereby notified
that any disclosure, copying, distribution or taking any action in reliance
on the contents of this information is strictly prohibited and may be
unlawful. If you have received this communication in error, please notify
us immediately by responding to this email and then delete it from your
system. The firm is neither liable for the proper and complete transmission
of the information contained in this communication nor for any delay in its
receipt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161003/27ec91d9/attachment-0001.html>
More information about the squid-users
mailing list