Re: [squid-users] squid 3.2.0.17 + transparent + sslbump

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 17 Apr 2012 22:21:15 +1200

On 17/04/2012 10:16 p.m., Daniel Niasoff wrote:
> Thanks Ahmed,
>
> That worked, well sort of anyway.
>
> Squid is now successfully transparently intercepting SSL but as stated on the wiki, certificate rewrite doesn't work.
>
> So I guess the only real solution is explicit proxy.
>
> I tried to play around with WPAD + PAC but that is only useful when PCs are on a corporate network with centrally managed DNS/DHCP.
>
> My clients are home users with their own broadband routers which manage their own DHCP.
>
> So any ideas what I can do if I want to set up a proxy service for SSL with minimum effort required from users and no control of DHCP?

You can publish the details of your proxy and PAC file, encouraging them
to make use of it for faster Internet.

Amos
Received on Tue Apr 17 2012 - 10:21:22 MDT

This archive was generated by hypermail 2.2.0 : Tue Apr 17 2012 - 12:00:03 MDT