09:48, March 4, 2019, "Alexander Bokovoy via FreeIPA-users" <[email protected]>:
On ma, 04 maalis 2019, Edward Valley via FreeIPA-users wrote:
Thanks for your answer. Doing it the way you propose, squid uses basic
authentication, which exposes user names and passwords in the network
because of the simple base64 encoding.Just set up your clients to use HTTPS proxy connection in the browser.
--
https://wiki.squid-cache.org/Features/HTTPS#Encrypted_browser-Squid_connection
talks about it. Both Chrome-based browsers and Firefox do work just fine
with HTTPS connection to the proxy for years now.
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
_______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
