[squid-users] ssl-bump not working in non transparent mode

From: Nil Nik <nil_fergi_at_hotmail.com>
Date: Fri, 27 Jun 2014 12:45:58 +0000

I have setup a squid 3.3.9 with ssl-bump enabled. When i access through transparent mode its working fine but when i use proxy address in my borrower (non transparent mode) its not working. Following is my squid configuration: visible_hostname 10.10.16.56 http_port 10.10.16.56:3127 intercept http_port 10.10.16.56:3128 https_port 10.10.16.56:3129 generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/mycert.pem intercept ssl-bump always_direct allow all ssl_bump server-first all sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/var/lib/ssl_db -M 4MB sslcrtd_children 10 hierarchy_stoplist cgi-bin ? negative_ttl 0 icap_enable on icap_send_client_ip on icap_service service_req reqmod_precache bypass=1 icap://127.0.0.1:1344/srv_clamav adaptation_access service_req allow all icap_service service_resp respmod_precache bypass=1 icap://127.0.0.1:1344/srv_clamav adaptation_access service_resp allow all
Received on Fri Jun 27 2014 - 12:46:07 MDT

This archive was generated by hypermail 2.2.0 : Sun Jun 29 2014 - 12:00:05 MDT