On 11/14/2012 11:17 AM, Vincent Miszczak wrote: > I’d like to know how Squid resolves the remote host when handling an > intercepted server-first bumped connection, so I’ll be able to setup my > network accordingly.
Using the destination address of the intercepted TCP connection, Squid securely connects to the origin server, receives the origin server SSL certificate, and generates a fake SSL certificate by mimicking origin server certificate properties. After all of the above, Squid secures the connection with the client by performing an SSL handshake using the fake SSL certificate. Alex.
