Re: [squid-users] https in transparent mode (fwd)

From: Al - Image Hosting Services <azick_at_zickswebventures.com>
Date: Tue, 13 Oct 2009 21:21:42 -0500 (CDT)

Hi,

On Wed, 14 Oct 2009, Amos Jeffries wrote:

> Date: Wed, 14 Oct 2009 13:22:48 +1300
> From: Amos Jeffries <squid3_at_treenet.co.nz>
> To: Andres Salazar <ndrsslzr80_at_gmail.com>
> Cc: squid <squid-users_at_squid-cache.org>
> Subject: Re: [squid-users] https in transparent mode
>
> On Tue, 13 Oct 2009 18:28:15 -0500, Andres Salazar <ndrsslzr80_at_gmail.com>
> wrote:
>> Hello,
>>
>> Ive been searching for ways to conduct httpd through the transparent
>> mode of squid. This is because Id like to use squids ACLs not so much
>> as the caching that obviously doesnt work with this protocol.
>>
>> Are there ways I can proxy https? Ive heard somebody mention that it
>> is possible by specifying that it should go with a CONNECT method...
>> I tried searching the faq for an example of this but i wasnt
>> successful...
>>
>> Please advise..
>>
>> Andres
>
> Squid will not do what you want.
>
> HTTPS was created and designed explicitly to prevent traffic interception
> security attacks (aka transparent mode proxies).
>
> CONNECT method is an HTTP plain wrapper only used when the browser knows
> it is talking to a proxy.

But is there a universal way to make all browsers on an end users system (like
windows or mac) use the CONNECT method? It seems like there should be a way to
force this behavior. The only thing that I found is to have sort of a script
that modifies the browsers config file, which means that I have to write one
for each browser out there.

Best Regards,
Al
Received on Wed Oct 14 2009 - 02:21:48 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 14 2009 - 12:00:02 MDT