[squid-users] SSL intercept in explicit mode

Matus UHLAR - fantomas uhlar at fantomas.sk
Wed Mar 14 13:26:28 UTC 2018


On 13.03.18 14:44, Danilo V wrote:
>I mean SSL bump in explicit mode.
>So intercept is a essencial requirement for running SSL bump?

No, you asked for "explicit mode with ssl intercept" which I pointed out is
illogical.


>Em ter, 13 de mar de 2018 às 11:10, Matus UHLAR - fantomas <
>uhlar at fantomas.sk> escreveu:
>> On 13.03.18 13:44, Danilo V wrote:
>> >Is it possible/feasible to configure squid in explicit mode with ssl
>> >intercept?
>>
>> maybe you mean SSL bump in explicit mode?

It is possible to bump explicit proxy.

>> >Due to architecture of my network it is not possible to implement
>> >transparent proxy.
>>
>> excuse me?
>> by "transparent" people mean what we usually call "intercept".

>> >What would be the behavior of applications that dont support proxy - i.e.
>> >dont forward requests to proxy?
>>
>> they mest be intercepted.

"must" be intercepted. Since you said that it's not possible transparent (I
believe you have meant intercepting) proxy, it's apparently not possible to
handle applications that do not support proxy.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
2B|!2B, that's a question!


More information about the squid-users mailing list