[squid-users] Strange Squid SSL Interception Behavior
Amos Jeffries
squid3 at treenet.co.nz
Wed Aug 26 13:13:59 UTC 2020
On 26/08/20 11:03 pm, Mathew Brown wrote:
> Thank you Alex + Amos :) You've really helped clarify things. I had a
> final question regarding this setup. Does this configuration only look
> at the client side part of the SNI request or also the server
> certificate. If it only looks at the client-side, how would I tell it to
> look at the server response as well? Thanks.
SSL-Bump step 1 decides whether to look at the client handshake details.
Step 2 decides whether to look at the server handshake details.
Step 3 decides what to do given all available info from both handshakes.
The process is all described at
<https://wiki.squid-cache.org/Features/SslPeekAndSplice>
Amos
More information about the squid-users
mailing list