[squid-users] Microsoft store issues with ssl-bump

[Eliezer Croitoru]

I am trying to implement a full SSL-BUMP and I am having trouble with MS
Store.

The Windows 10 MS Store tries to connect the domains:

storeedgefd.dsx.mp.microsoft.com

 

which is bypassed from SSL BUMP with a regex and server-name.

For some reason the store claims that there is an issue with the connection.

To resolve this issue what I am dong is resolving the domain:
storeedgefd.dsx.mp.microsoft.com

And bypassing it from squid interception which is done with an
nftables/iptables REDIRECT.

 

I believe I am not the first to encounter such an issue and looking for a
way to resolve this issue without
the dns+fw level bypass.

 

Any hints might help to find and resolve this issue

 

Thanks,

Eliezer

 

*	Squid 5.0.4 on Fedora 33.
*	I can generate a "support file" which contains all squid conf for
reproduction of the issue by the dev team.

 

----

Eliezer Croitoru

Tech Support

Mobile: +972-5-28704261

Email:  <mailto:ngtech1ltd at gmail.com> ngtech1ltd at gmail.com

Zoom: Coming soon

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20210112/e6fcfb90/attachment.htm>