Re: [squid-users] https

From: Joe Cooper <joe@dont-contact.us>
Date: Thu, 13 Jun 2002 16:12:36 -0500

As I said, you can't do that. Transparent proxying of SSL traffic is
not supported by Squid (or any proxy I know of).

I believe Henrik has mentioned in the past that it would be possible
with some coding in Squid (basically hacking every SSL request into a
CONNECT transparently). If you must have it, I reckon you could hire
Henrik or someone else to implement it for you. It is considered to be
a rather ugly hack by most or all of the developers, so it is unlikely
that any will ever spend time on developing such a feature for fun.

COLSON Arkadi wrote:
> I just want to make it transparent the users can select direct connection in
> the browser settings
> I just did another test and I found out this.
> If I set the https-proxy in the browser settings to 10.1.5.100 port 3128(so
> directly without any redirection), then it works, but I don't want that.
>
> ----- Original Message -----
> From: "Joe Cooper" <joe@swelltech.com>
> To: "COLSON Arkadi" <acolson@pandora.be>
> Cc: <squid-users@squid-cache.org>
> Sent: Thursday, June 13, 2002 10:50 PM
> Subject: Re: [squid-users] https
>
>
>
>>COLSON Arkadi wrote:
>>
>>>Hi,
>>>
>>>Can someone help me with https?
>>>
>>>I redirected port 443 to 3128 at my firewall.
>>
>>Why? Are you trying to do interception proxying of SSL traffic? Can't
>>do that. If you are using Squid as a traditional proxy then you don't
>>need any redirection, as the browser has to be configured to talk to
>>Squid anyway.
>>--
>>Joe Cooper <joe@swelltech.com>
>>Web caching appliances and support.
>>http://www.swelltech.com
>>
>>
>>
>
>

-- 
Joe Cooper <joe@swelltech.com>
Web caching appliances and support.
http://www.swelltech.com
Received on Thu Jun 13 2002 - 15:13:33 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:41 MST