[squid-users] How can squid 4.5 be configured to support TLS1.3

赵 俊 jun357572957zhao at hotmail.com
Tue Apr 2 08:35:31 UTC 2019


Because squid 4.5 with the configuration like this can not bump TLS1.3.

https_port 192.168.30.4:3129 intercept ssl-bump connection-auth=off generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/opt/squid/ssl_cert/CA.pem sslflags=NO_DEFAULT_CA

acl broken_sites ssl::server_name google.com
acl ssl_step1 at_step SslBump1

ssl_bump peek ssl_step1
ssl_bump bump broken_sites
ssl_bump splice all


How can squid 4.5 be configured to support TLS1.3 .


If not , how can i configure  squid4.5  which negotiate TLS version with a tls1.3-enabled webserver to restrict the TLS version below 1.2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20190402/a24bb2a0/attachment.html>


More information about the squid-users mailing list