Re: [CentOS] latest skype (version 8.16.0.4) on Centos 7

2018-03-05 Thread Fred Smith
On Mon, Mar 05, 2018 at 09:29:51PM +0100, wwp wrote: > Hello Fred, > > > On Mon, 5 Mar 2018 13:53:16 -0500 Fred Smith > wrote: > > > I've finally been reduced to having to install Skype on my Linux box. > > I resisted for years, but now ended up trying it. > >

Re: [CentOS] latest skype (version 8.16.0.4) on Centos 7

2018-03-05 Thread wwp
Hello Fred, On Mon, 5 Mar 2018 13:53:16 -0500 Fred Smith wrote: > I've finally been reduced to having to install Skype on my Linux box. > I resisted for years, but now ended up trying it. > > and while the latest RPM installs just fine, it refuses to

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Andrew Holway
Wouldn't filtering the DNS be more practical? On 5 March 2018 at 18:57, Leon Fauster wrote: > > > Am 05.03.2018 um 15:34 schrieb Bill Gee : > > > > > > On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote: > >> Am 05.03.2018 um 13:04

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread John Ratliff
On 2/28/2018 4:23 PM, Nicolas Kovacs wrote: Hi, I've been running Squid successfully on CentOS 7 (and before that on 6 and 5), and it's always been running nicely. I've been using it mostly as a transparent proxy filter in school networks. So far, I've only been able to filter HTTP. Do any of

[CentOS] latest skype (version 8.16.0.4) on Centos 7

2018-03-05 Thread Fred Smith
Hi all! I've finally been reduced to having to install Skype on my Linux box. I resisted for years, but now ended up trying it. and while the latest RPM installs just fine, it refuses to acknowledge that I have a microphone! In fact I have two: 1 in the USB web cam (it finds the cam), the

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Leon Fauster
> Am 05.03.2018 um 15:34 schrieb Bill Gee : > > > On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote: >> Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs : >>> Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit : So far, I've only been able to

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Valeri Galtsev
On 03/05/18 10:21, Nicolas Kovacs wrote: Le 05/03/2018 à 16:30, Valeri Galtsev a écrit : Sorry, I missed the beginning of this thread. This sounds to me like running one's own Certification Authority. I did that a while ago for over a decade. However, these days one may consider

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Nicolas Kovacs
Le 05/03/2018 à 16:30, Valeri Galtsev a écrit : > Sorry, I missed the beginning of this thread. This sounds to me like > running one's own Certification Authority. I did that a while ago for > over a decade. However, these days one may consider > > https://letsencrypt.org/ > > - you will have to

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Valeri Galtsev
On 03/05/18 08:34, Bill Gee wrote: On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote: Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs : Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit : So far, I've only been able to filter HTTP. Do any of you do transparent HTTPS

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Valeri Galtsev
On 03/05/18 07:23, Leon Fauster wrote: Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs : Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit : So far, I've only been able to filter HTTP. Do any of you do transparent HTTPS filtering ? Any suggestions, advice, caveats, do's and

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Vitalino Victor
The certificate should have *CA:true* set for act a CA for dynamic signing certificates by Squid. Most probably, Let's Encrypt will ignore this constraint in CSR. 2018-03-05 12:33 GMT-03:00 Chris Adams : > Once upon a time, Valeri Galtsev said: > >

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Chris Adams
Once upon a time, Valeri Galtsev said: > https://letsencrypt.org/ > > - you will have to run web server to have certificate signed by > them Not necessarily - we do most of our Let's Encrypt validation with DNS rather than HTTP. -- Chris Adams

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Valeri Galtsev
On 03/05/18 06:34, Nicolas Kovacs wrote: Le 05/03/2018 à 13:30, Nux! a écrit : You could probably just drop your CA cert in the filesystem and run a couple of commands to get it imported, rather than having to import the CA in the browsers individually. You could probably deliver it via

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Vitalino Victor
Starting with version 3.5 of Squid, was introduced a new feature named "*SslBump Peek and Splice*". With this functionality, Squid is able to intercept HTTPS traffic transparently (with exceptions, of course). This manner, Squid, with spike, is able to logging HTTPS traffic and apply directives

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Bill Gee
On Monday, March 5, 2018 7:23:53 AM CST Leon Fauster wrote: > Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs : > > Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit : > >> So far, I've only been able to filter HTTP. > >> > >> Do any of you do transparent HTTPS filtering ? Any

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Leon Fauster
Am 05.03.2018 um 13:04 schrieb Nicolas Kovacs : > > Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit : >> So far, I've only been able to filter HTTP. >> >> Do any of you do transparent HTTPS filtering ? Any suggestions, >> advice, caveats, do's and don'ts ? > > After a week of

Re: [CentOS] Addind kmail to EPEL

2018-03-05 Thread Nicolas Kovacs
Le 04/03/2018 à 02:45, Yves Bellefeuille a écrit : > I finally decided to move from CentOS 6 to CentOS 7, but was surprised > to see that kmail is no longer included: Red Hat deliberately decided > to omit it. Probably because it's too buggy. I've been using Kmail for a few years under KDE 3.x,

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Nicolas Kovacs
Le 05/03/2018 à 13:30, Nux! a écrit : > You could probably just drop your CA cert in the filesystem and run a > couple of commands to get it imported, rather than having to import > the CA in the browsers individually. You could probably deliver it > via yum/rpm or better yet, ansible or even some

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Nux!
Nice, thanks for sharing. You could probably just drop your CA cert in the filesystem and run a couple of commands to get it imported, rather than having to import the CA in the browsers individually. You could probably deliver it via yum/rpm or better yet, ansible or even some shell script.

Re: [CentOS] Squid and HTTPS interception on CentOS 7 ?

2018-03-05 Thread Nicolas Kovacs
Le 28/02/2018 à 22:23, Nicolas Kovacs a écrit : > So far, I've only been able to filter HTTP. > > Do any of you do transparent HTTPS filtering ? Any suggestions, > advice, caveats, do's and don'ts ? After a week of trial and error, transparent HTTPS filtering works perfectly. I wrote a detailed