Hi Amos, I'm using ssl-bump it's cooperate with https_port? בתאריך יום ב׳, 12 בינו׳ 2026 ב-19:12 מאת Amos Jeffries < [email protected]>:
> On 12/01/2026 21:44, Matus UHLAR - fantomas wrote: > > On 11.01.26 16:58, Ben Goz wrote: > >> My customer netskope cloud configures forward to proxy to my squid > proxy. > >> The forwarding works only if Netskope's ssl decryption disabled, If ssl > >> decryption enabled > >> I can't see in the access log the traffic forwards to squid from > >> Netskope. > >> > >> I suspect that Netskope forwards encrypted data to squid but I'm not > sure > >> that is the case because the Connect request is never encrypted and I > >> don't > >> see it on the access log. > > > > > >> Anyones know how Netskope and squid can work together without disabling > >> Netskope decryption (MITM)? > > > > This is completely issue of netskope proxy. > > > > If netskope proxy decides to forward or not to forward request to squid, > > squid can't do anything with it. > > > Nod. If there is no CONNECT tunnel request reaching Squid then it is not > being forwarded in the classical "over-HTTP" way. > > I would check to see what is happening on port 443 when the traffic is > "forwarded". HTTPS may actually be routed rather than relayed/proxied. > Or perhapse it is being sent to some other port number, though how to > find that may require asking your customer or Netskope directly for more > details on how it is setup there. > > > FWIW, Squid can receive HTTPS/443 traffic fine. Just use "https_port" > (note the 's') to receive it instead of the regular HTTP port, and will > need a SSL server certificate (can be self-signed) for your Squid which > the customer software trusts. > > > HTH > Amos > > _______________________________________________ > squid-users mailing list > [email protected] > https://lists.squid-cache.org/listinfo/squid-users >
_______________________________________________ squid-users mailing list [email protected] https://lists.squid-cache.org/listinfo/squid-users
