Re: Squid with https in transparent mode

To: debian-user@lists.debian.org
Subject: Re: Squid with https in transparent mode
From: "Karl E. Jorgensen" <karl.jorgensen@nice.com>
Date: Wed, 26 Jun 2013 14:59:41 +0100
Message-id: <[🔎] 20130626135941.GV15076@hawking>
In-reply-to: <[🔎] 51C987FE.1000105@frank.uvena.de>
References: <[🔎] 51C987FE.1000105@frank.uvena.de>

On Tue, Jun 25, 2013 at 01:07:26PM +0100, Frank Lanitz wrote:
> Hi folsk,
> 
> Is there a way of using a squid proxy in transparent way, just to put
> the traffic and forward it via another proxy to outside network(no
> caching etc) w/o doing man-in-the-middle? Currently I've got this
> running for http via
> 
> cache_peer xx.xx.xx.xx parent 3128 7 no-query default
> never_direct allow all
> 
> and a transparent setup for SSL. If I'm entering the proxy directly into
> e.g. Firefox it's working -- but don't got it running via transparent mode.

HTTPS (a.k.a. HTTP-over-SSL) is not amenable to transparent proxying -
the encryption is designed to be end-to-end.

However, I believe that you can make squid a front-end for a web site
if you give the SSL keys to squid - but this may be a different use
case than yours....

Perhaps if you describe what you're trying to achieve, the list can
come up with other/better ways of reaching that goal?

-- 
Karl E. Jorgensen

Reply to:

Follow-Ups:
- Re: Squid with https in transparent mode
  - From: Frank Lanitz <frank@frank.uvena.de>

References:
- Squid with https in transparent mode
  - From: Frank Lanitz <frank@frank.uvena.de>

Prev by Date: Re: INSTALLATION OF DEBIAN IN WINDOWS XP
Next by Date: Re: Nvidia and 4 monitors in 7.1
Previous by thread: Squid with https in transparent mode
Next by thread: Re: Squid with https in transparent mode
Index(es):
- Date
- Thread