Hi Yuri, Thank you.
Are these HTTPS CONNECT requests coming over port 80? If not would I need to make a rule to forward 443 to another Squid port configured to ssl_bump? James On Sun, Feb 15, 2015 at 2:37 PM, Yuri Voinov <yvoi...@gmail.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit > > 16.02.15 4:02, James Beecham пишет: > > Hello, > > > > Thank you to everyone who works on this great project! I have been > > using Squid as an intercept for a while now and am very happy. > > > > I have a high level question regarding SSL_Bump. > > > > My company recently switched to using SSL for our web services, > > which requires me to make some changes to the way that we use > > Squid. > > > > I have a need to place a header value into requests coming to our > > own domain (ex. https://www.myhost.com) for proper usage. Before > > using SSL I was using request_header_add without any issues and > > getting perfect performance. Now with SSL I still need to get a > > header value into the requests to our domain. > > > > I do not wish to bump/inspect all traffic over 443, I only wish to > > add a header to request to my own domain. Since I am the domain > > admin I have access to the certs from the CA. I understand how acls > > work and am not concerned about setting this up. > > > > I would like to know what you all think about using our domains > > actual certs (www.myhost.com) to bump only that domain and add the > > header field that I need. Will this allow me to modify the header > > without the client knowing or their browser telling them about man > > in the middle? My knowledge of SSL/TLS is low but growing > > everyday. > > > > Thank you for your attention and please ask more questions if my > > situation is not clear.' > > > > James > > > > > > > > _______________________________________________ squid-users mailing > > list squid-users@lists.squid-cache.org > > http://lists.squid-cache.org/listinfo/squid-users > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQEcBAEBAgAGBQJU4R+xAAoJENNXIZxhPexGap0IAI8I9aimys3+1pdZAPWYtxDQ > N4Otv7Lz8rJx+TJGITgHbsvg5l09plilGLz2LmA05IkqpSOEtEGVQMUusx8sI/kH > G9fPlY0r1MD2IUs5nKD9HK/oqZ2FhUceJG+XLs1tKCsPgMLSmIiEzGg4oM2pZEzw > h3kH2b8hP7BHUWh2TtPkpjxVT37wFfJ+mX87M2F47Fz7Dc9149g/bugDo9yk4WjY > 9Nx/zHahDLK4PCwgKySQZOHFyK0NNH52R6kBDNcILnUrvuCzp0yGbIxPCD2AuS4U > bMj4J+e+o8eqrwAw63/vVDtC2yoGUlYW6z5KuxbYZbBSTq4fJW2lk+5N5lmWmu0= > =lPPU > -----END PGP SIGNATURE----- > _______________________________________________ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
