Re: [squid-users] Https contents

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 01 Oct 2009 11:24:43 +1200

On Wed, 30 Sep 2009 14:58:08 +0200, Ivan.Galli_at_aciglobal.it wrote:
> Hi, i have a question about https traffic content.
> There is some way to check what pass through ssl tunnel?
> Can squidguard or any other programs help me?

The 'S' in HTTPS means Secure or SSL encrypted.

Why do you want to do this?

Depends on the type of service environment are you working with...

* ISP-like where 'random' people use the proxy?
- dont bother. This is a one-way road to serious trouble.

* reverse-proxy where you own or manage the HTTPS website itself?
- use https_port and decrypt as things enter Squid. Re-encrypt if needed to
the peer.

* Enterprise setup where you have full control of the workstation
configuration?
- use Squid-3.1 and SslBump. Push out settings to all workstations to trust
the local proxy keys (required).

Amos
Received on Wed Sep 30 2009 - 23:24:49 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 01 2009 - 12:00:05 MDT