[squid-users] can't access https://www.finanzamt.bayern.de/ with sslbump (other sites works well)

Antony Stone Antony.Stone at squid.open.source.it
Tue Jan 8 17:13:31 UTC 2019


On Tuesday 08 January 2019 at 17:52:23, Dieter Bloms wrote:

> Hello,
> 
> I've compiled squid 4.5 with openssl1.1 as shipped with debian9.
> Sslbump works fine for all sides, but I can't access only one site
> https://www.finanzamt.bayern.de/

Given who that is, I would not be at all surprised if they've used SSL pinning 
or similar to ensure that no form of MITM attack can be used to intercept data 
between clients and their website.

I can't test for this (I don't use SSL bump myself), but I wouldn't be 
surprised if the Bayern finance ministry is rather keen to avoid data 
interception.

No doubt others here can comment further, or advise where to look for positive 
confirmation of this theory.


Antony.

-- 
This email was created using 100% recycled electrons.

                                                   Please reply to the list;
                                                         please *don't* CC me.


More information about the squid-users mailing list