Hi Elijah,
On Thursday 18 May 2006 14:43, Elijah Alcantara wrote:
> Hi,
>
> I've been trying to setup transparent proxy and it seems to be working
> for most sites except for those that have secure logins
> (mail.yahoo.com, gmail, sourceforge), could this be that ssl thing at
> work here? (sorry, I'm quite new to this ssl thing) Is it required for
> the squid proxy server to have --enable-ssl working so that clients
> can open those sites ?
>
> I noticed that manually setting proxy at the browser will enable
> opening of ssl sites, but leaving it with no proxy will cause the page
> to just simply load forever (transparent proxy's side).
https and transparent proxying (or interception proxying) is not possible by
design.
> I'm asking this 'cause I'm having a bit of a trouble producing those
> certificates & keys, gives me some weird error & stuff...
That would be what is called "man-in-the-middle attack" ...
Search the mailing lists archive, you'll find a lot of discussions on this
there.
Regards,
Peter
-- Peter Albrecht, Novell Training Services, peter.albrecht@novell.comReceived on Thu May 18 2006 - 07:23:10 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT