On 10/28/21 12:39 PM, Steve Hill wrote:
> On 28/10/2021 16:41, Alex Rousskov wrote:
>> AFAICT, the primary obstacle here is that Squid pins the connection
>> while obtaining the origin server certificate.
> Well, I can't see why Squid needs the origin certificate - it should be
> able to make a
On 10/28/21 9:24 AM, Steve Hill wrote:
> For transparently proxied traffic, the client makes a connection to
> www.google.com's IP address, which Squid intercepts. Squid must then
> SSL-peek the request to figure out that it is connecting to
> www.google.com. The onward connection can then be