At the moment I redirect http(443) requests into squid configured
https_port. It works as expected. It terminate ssl connection with the
ssl certificate installed in Squid. And then proxies traffic.
In this setup, end users get illegal certificate errors, of course.
I want to established a local CA and install public certificate of
this local CA into end user client PCs. Squid should get the target
domain name, it should create a ssl certificate for that target domain
in the local ca on the fly. Because I installed CA public certificate
in Trusted Root Certificate Authorities in the client PC, client IE
will not give any errors, trust the site certificate and provides real
tranparent https proxying.
An open source tool, imspector, does the same setup successfully for
another aim.
I try to find a way of implementing such setup with squid and I need
your kind comments.
Best regards,
-- Oguz YILMAZReceived on Tue Jun 14 2011 - 07:48:39 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 14 2011 - 12:00:02 MDT