[squid-users] Allow some domains to bypass Squid
Nicolas Kovacs
info at microlinux.fr
Sun Mar 11 08:07:16 UTC 2018
Hi,
I have Squid setup as a transparent HTTP+HTTPS proxy in my local
network, using SSL-Bump.
The configuration works quite nicely, according to
/var/log/squid/cache.log and /var/log/squid/access.log.
This being said, I am having trouble with a handful of domains like
Github, or my OwnCloud installation. I have an OwnCloud server installed
at https://cloud.microlinux.fr, and everytime I fire up a client, I have
to confirm the use of an untrusted certificate. And on my workstation, I
can't connect to my Github repository anymore. Here's the error I get.
# git pull
fatal: unable to access 'https://github.com/kikinovak/centos-
7-desktop-kde/': Peer's certificate issuer has been marked as not
trusted by the user.
So I thought the best thing to do is to create an exception for this
handful of domains with issues.
Can I configure some domains to simply bypass the proxy in my current
(transparent) setup? Ideally, the configuration should be able to read a
simple text file containing said domains, something like
/etc/squid/bypass-these-domains.txt. And then these bypass the proxy and
get treated regularly, as if there was no proxy?
Cheers,
Niki
--
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : info at microlinux.fr
Tél. : 04 66 63 10 32
More information about the squid-users
mailing list