Hi;
In previous versions of squid(before v3.3) we used squid for
intercepting SSL traffic and content filtering it using dansguardian
and then encrypting it again. Only problem was "Browser SSL Warnings".
Our network scheme is like below:
Client [HTTPS encrypted] ---> Squid1 (port 3128) [Decrypting HTTPS and
sending dansguardian HTTP]---> Dansguardian (port 8080) [HTTP
continued]---> Squid2 (port 3129) [Again encrypting HTTP to HTTPS]--->
Destination server [Receives HTTPS]
Now after "SSL mimicing" and "Dynamic SSL certificate generation"
functions added, we wanted to use these features and prevent "Browser
SSL Warnings". But when we tried using squid 3.3.5 we couldn't do MITM
trick with squid using dansguardian. So my question is it possible to
decrypt SSL traffic filter it with dansguardian and after that encrypt
the traffic again. Or are we trying something which is technically not
possible with squid v3.3.5?
Thanks in advance.
-- Deniz ErenReceived on Tue Jun 18 2013 - 18:48:30 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 19 2013 - 12:00:04 MDT