On 24/06/11 19:52, kkk kkk wrote:
> Hi all,
>
> I know the SSL issue has been beaten to death
>
> I'm using DNS redirect to force my clients to use my intercept proxy.
> As we all know, intercepting HTTPS connection is not possible unless I
> provide a fake certificate. What I want to achieve here is to allow
> all HTTPS requests connect directly to the source server, thus
> bypassing Squid:
>
> HTTP connection> Proxy by Squid
> HTTPS connection> Bypass Squid and connect directly
>
>
> I spent the past few days goolging and trying different methods but
> none worked so far. I read about SSL tunneling using the CONNECT
> method but couldn't find any more information on it.
>
> Any takes on how to do this?
You need to know what the original IP should have been. Then NAT the
traffic on port 443 back to that IP.
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.12 Beta testers wanted for 3.2.0.9 and 3.1.12.3Received on Fri Jun 24 2011 - 13:27:57 MDT
This archive was generated by hypermail 2.2.0 : Fri Jun 24 2011 - 12:00:03 MDT