Re: [squid-users] sslbump and always_direct

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 26 Jan 2011 22:53:20 +0000

On Wed, 26 Jan 2011 20:18:08 +0000, Ming Fu wrote:
> Hi,
>
>
> The wiki sample http://wiki.squid-cache.org/Features/SslBump suggested
> addi= ng "always_direct allow all".
>
> This will prevent me from having a peer proxy when sslbump is
configured.
>
> Wonder what is the reason behind the setting.

With ssl-bump Squid will hit bugs when un-wrapping back to a CONNECT
request or may send raw unencrypted https://... URLs to the peers.

Amos
Received on Wed Jan 26 2011 - 22:53:22 MST

This archive was generated by hypermail 2.2.0 : Thu Jan 27 2011 - 12:00:03 MST