On 07/28/2013 03:37 PM, csn233 wrote: > To intercept HTTPS traffic, is SSL-bump a must? Even when I only want > to record the CONNECT traffic in access.log just like a normal forward > proxy without decrypting anything? > > Is this any different with TPROXY? > Indeed SSL-bump is a must.. You will be able to record the CONNECT traffic when using: "sslbump deny all" like acl. I do not remember the exact way to do it but it is possible.
Eliezer
