RE: [squid-users] RE: SSLBUMP Issue with SSL websites

From: Muhammad Shehata <>
Date: Sun, 15 Jul 2012 13:01:38 +0000

    Is my question need any clarifications to be included as your response is very apperciated

Best Regards,
Muhammad Shehata

Is there anyone can help me in the mentioned error
From: Muhammad Shehata
Sent: Tuesday, July 10, 2012 8:55 AM
Subject: SSLBUMP Issue with SSL websites

hope you all are doing well
    actually I was following the replies on squid users-mail-list about sslbump issues with showing up some websites inline without images or css style sheet
like and as I have same issue in version squid 3.1.19, I know that when sslbump is enabled it intercept the CONNECT method and modify it to be GET method that when I used broken sites acl to exclude them however I see that the method is CONNECT for those excluded website not Get as all other bumped sites but it still the same result
1341837646.893 45801 x.x.x.x TCP_MISS/200 62017 CONNECT - DIRECT/

acl broken_sites dstdomain
acl broken_sites dstdomain
ssl_bump deny broken_sites
ssl_bump allow all
http_port ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=40MB cert=/etc/pki/tls/certs/sslintercept.crt key=/etc/pki/tls/certs/sslintercept.key
Received on Sun Jul 15 2012 - 13:02:22 MDT

This archive was generated by hypermail 2.2.0 : Sun Jul 15 2012 - 12:00:02 MDT