Squid SSL filtering cause Dropbox, Live Mail, etc. cant establish connection
-
hello all,
finally i manage to configure everything work on 2.2-RELEASE (amd64). I installed squid3 3.4.10_2 pkg 0.2.6, squidGuard 1.4_7 pkg v.1.9.10 and all is working fine.
Mine problem is, when i configure HTTPS/SSL interception it works fine. Eicar file on HTTPS in blocked and such. I imported certificate to my browser, all si fine…. but!
Any other possible HTTPS which does not go via browser is blocked,.. like Dropbox, Live Mail, Google Drive, even some games launchers, Steam also,... probably everything.
So now, as ima n00b, can someone answer questions;
1. Is it possible to configure filtering but not to use certificate on every new freaking mobile, tablet, laptop, PC... etc, because of guests. I mean, is it even possible to make it work like that at all?
2. Will squid now cache HTTPS traffic now? Will that TCP/HIT be more than tiny 4-8% now?
3. Does anyone have any positive experience with Cache Dynamic Content? Is it even working? Is there anything to do/prepare prior just to enable it?
Many thnx in advance!
-
1. Yes!
2. Squid will cache HTTP or HTTPS. Your hit ratio depend entirely on the sites that you visit and the frequency at which you visit them.4-8% is around the same ratio I get.
3. I have had limited success with dynamic content. Nobody seems to have a config that works well. All the various wikis etc say the same thing: play with it, see what happens, YMMV, but nothing concrete. That combined with the poor hit ratio has me thinking about deploying Squid just as a base for SquidGuard filtering.
