[squid-users] SSL Inspection Question

Evan Blackstone evan.blackstone at oecu.org
Fri Sep 30 21:12:28 UTC 2016


I currently use a web filter product that does not feature ICAP server capability. (It can act as an ICAP client and send requests to other ICAP servers, but it cannot function as an ICAP server itself). Therefore, I'm unable to use Squid's ICAP functionality to query my web filter product.

Is there any safe way of using SSL-Bump on Squid to decrypt client traffic, redirect (via standard HTTP or some other means) to another network location, then receive and re-encrypt it before sending it out to its ultimate destination? Is this idea insane? I have several devices that would benefit from seeing an unencrypted view of our traffic in and out.


Experience local rewards with a new Experience Oklahoma Rewards credit card. Click here<https://www.oecu.org/credit-cards/researching-cards/rewards-credit-card/> for details.

________________________________

NOTICE:
This e-mail is intended solely for the use of the individual to whom it is addressed and may contain information that is privileged, confidential or otherwise exempt from disclosure. If the reader of this e-mail is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify us by replying to the original message at the listed email address.

Thank you
Oklahoma Employees Credit Union
http://www.oecu.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160930/f60aa272/attachment.html>


More information about the squid-users mailing list