How do you handle dest port 443 ?
It is not enough simply to route all traffic (dest port 80 and dest port
443) to squid:3128. This will not work for https:
May be, you post your complete squid.conf. And the rules for iptables etc.
to achieve transparency.
In squid.conf you will need such stuff like
http_port 3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/myCA.pem
ssl_bump allow all
Start here: http://wiki.squid-cache.org/Features/DynamicSslCert
Of course, you might simply avoid proxying port 443.
-- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/peer-cache-question-tp4659419p4659438.html Sent from the Squid - Users mailing list archive at Nabble.com.Received on Wed Apr 10 2013 - 07:26:03 MDT
This archive was generated by hypermail 2.2.0 : Wed Apr 10 2013 - 12:00:05 MDT