> From: csn233 <[email protected]> >Sent: Monday, 29 July 2013 10:40 PM >Subject: Re: [squid-users] Basic questions on transparent/intercept proxy
>On Sun, Jul 28, 2013 at 9:11 PM, Amm <[email protected]> wrote: >> ----- Original Message ----- >> >>> From: csn233 <[email protected]> >>> To: "[email protected]" <[email protected]> >> >>>To intercept HTTPS traffic, is SSL-bump a must? Even when I only want >>> to record the CONNECT traffic in access.log just like a normal forward >>> proxy without decrypting anything? >> >> No. But it will log only IPs not the host name or URL. >> >> Amm >No, as in ssl-bump is not a requirement for HTTPS traffic to be >logged? Your answer seems to be different from other replies. Can you >provide examples of how? I am not sure if I understood your previous question right. I think what others said is right. Here is what I have done. (simplified version) https_port 8081 intercept ssl-bump generate-host-certificates=on cert=/etc/squid/ssl_cert/squid.pem #ssl_bump none all #<--- this line is not required So ssl-bump as a keyword is required on https_port but you dont need ssl_bump ACL line (by default it bumps nothing). Traffic will be logged just as IP. (Not actual hostname) Regards, Amm.
