On 2/05/2014 11:21 p.m., Jay Jimenez wrote: > Hi Amos, > > Thank you for the response. > > Any advice of how would I know exactly what SSL/TLS version skype is > using and how do I enable those versions to my squid box? > > What are changes in 3.4.5 in terms of ssl bumping? Would it help me on > my existing transparent setup to resolve my skype issue?
When the first few bytes of the client message are received by squid before tunneling (CONNECT or a fake-CONNECT in interception) they used to be dropped. Causes some strange behaviour. I am unsure if its actually involved, but when debugging these its good to be rid of one potential source of confusion. The only way I know of to debug through Squid the SSL/TLS protocol version is the messages displayed by clientNegotiateSSL. The alternative is taking a tcpdump packet trace of the connection setup and looking at what WireShark says. Amos
