Squid3-Dev - Openssl 1.01 implementation
-
Dear,
Is there any plans for having the implementation of squid3-dev supporting TLS 1.2 for reverse proxy ?
There would also be a need to disable secure client renegociations (on https) to comply with ssllabs tests and protect against DOS attacks ?
Any plan to deliver something this way or any ideas on how to configure the above into pfsense 2.1 ?
Many thanks in advance.
Cheerios
DM -
Do you know compile/config options to enable it?
If if can be done via freebsd ports, I can update it.
-
Hello,
No ideas unfortunately.
Maybe one expert here can help ?
Cheers -
Setting WITH_OPENSSL_PORT=yes in the build options should do it, I think. That, and adding the openssl port to ports_before.
-
Setting WITH_OPENSSL_PORT=yes in the build options should do it, I think. That, and adding the openssl port to ports_before.
Thanks Jimp, I'll test it.
-
Also note that is only going to be viable on 2.1. 2.0.x has no OpenSSL 1.0.x and installing it via pkg may cause other unintended side effects.
-
ok.