Re: [squid-users] Re: squid with qlproxy on fedora 20 not working for https traffic

From: Amos Jeffries <>
Date: Sat, 14 Jun 2014 15:10:13 +1200

On 14/06/2014 1:23 p.m., MrErr wrote:
> Does this mean that dstdomain does not work with ssl-bump?

Yes and no. It works with CONNECT bumping in regular proxy traffic. It
does not work on intercepted port 443 traffic reliably.

> My other reason for not using "ssl-bump server-first all" is that the kindle
> fire stops working. I read that it was because of something called ssl
> pinning. So i do need to get some kind of targeted bumping to happen.

HSTS probably. And yes those sites bumping does not work for.

Received on Sat Jun 14 2014 - 03:10:35 MDT

This archive was generated by hypermail 2.2.0 : Sat Jun 14 2014 - 12:00:04 MDT