Re: [squid-users] Re: HTTPS traffic in normal transparent proxy

From: E.S. Rosenberg <>
Date: Fri, 2 Nov 2012 12:24:01 +0200

2012/11/2 Markus <>:
> Ok, I understand but I thought that sslbump realize it so that the encrypted
> data from client will be decrypted and it will be encrypted before sending
> the request to parent proxy (man-in-the-middle).
> This also should word with https, shouldn't?
> Can I fix this issue for me? Security is not important, because I only use
> it for the market on my tablet which needs https and no proxy-support.

Well unless you installed the cert you are using for your MITM attack
as a trusted CA on your client device you'll see the warning, that's
kind of the point of SSL.
And with android (and chorme?) & google sites I think you'll see it
even if you install it since they hava a whitelist of CAs for google
domains, this was afaik how the Iranian forged google certs were
discovered (diginotar).

> --
> View this message in context:
> Sent from the Squid - Users mailing list archive at
Received on Fri Nov 02 2012 - 10:24:11 MDT

This archive was generated by hypermail 2.2.0 : Fri Nov 02 2012 - 12:00:03 MDT