On 24/08/2014 1:00 a.m., Nicolás wrote: > Hi, > > I'm using Squid 3.3.8 as a transparent proxy, it works fine with HTTP, > but I'd like to avoid cacheing HTTPS sites, and just determine whether > the requested URL is listed as denied on Squid (via 'acl dstdom_regex' > for instance), otherwise just make squid act as a proxy to the URL's > content. Is that even possible without using SSL Bump? Otherwise, could > you recommend the simplest way of achieving this? >
No it is only possible with bumping. For transparent interception of port 443 (HTTPS) use squid-3.4 with server-first bumping at minimum, preferrably squid-3.5 with peek-n-splice when it comes out. If you bump and still do not want to cache for some reason the cache access control can be used like so: acl HTTPS proto HTTPS cache deny HTTPS Amos
