On 15/12/10 07:11, Oguz Yilmaz wrote:
>
>>> Squid conf param:
>>> https_port 8443 cert=/etc/squid/certs/sslfilter.crt
>>> key=/etc/squid/certs/sslfilter.key protocol=https accel vhost
>>> defaultsite=google.com
>>>
>>> The way I have created the certificate and key:
>>>
>>>
I think that config is incorrect. From the SSL Bump Wiki page
(http://wiki.squid-cache.org/Features/SslBump)
You need something like:
http_port 3128 sslBump cert=/usr/local/squid3/etc/CA-priv+pub.pem
# Bumped requests have relative URLs so Squid has to use reverse proxy
# or accelerator code. By default, that code denies direct forwarding.
# The need for this option may disappear in the future.
always_direct allow all
Alex
Received on Wed Dec 15 2010 - 10:59:11 MST
This archive was generated by hypermail 2.2.0 : Wed Dec 15 2010 - 12:00:03 MST