SSL Man In the Middle Filtering blocking any app
-
https://forum.netgate.com/topic/100342/guide-to-filtering-web-content-http-and-https-with-pfsense-2-3/166
Read the last few comments
-
Thanks, but
I manually set the proxy and port on the Android phone, but no app worked. I also defined a rule in NAT port forward:
80 and 443 redirect to the pfSense LAN address, port 3128. But no app works.
-
Many believe that HTTPS MITM is an unsound practice if not immoral. Personally, I am one of them.
When you click transparent proxy you automatically get a port forward on the squid interfaces that forwards all port 80 traffic to 3128.
If you also check HTTPS you also get a port forward for port 443 traffic to port 3129.
Those are the default ports.
If you set the clients manually you do not need port forwards and should disable transparent mode.
Everything you should need is here:
https://www.youtube.com/watch?v=xm_wEezrWf4
-
Thanks for your good answer ... The things you said are true, but the problem with Internet access is that the smartphone apps are still up to date with MITM...
But when I use MITM - splice all ... any app works correctly. I also believe that HTTPS MITM is not applicable ... but where need control bandwidth through squid...
-
Splice all is not MITM.
-
... I mean, in Man in the middle, enable the splice all option, the problem is resolved, but the monitoring on 443 is not complete.
-
I searched on other sites that are related to squid.
This problem has been reported by squid users but no solutions have been made. Has anyone had this problem? Has it been resolved?
-
Android apps, by default, don't trust roots installed by the user/admin. This security feature was added in Android N.
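
The two points made above (splicing is not MITM, and Android apps since N ignore user-installed roots) can be combined into a selective policy. The squid.conf fragment below is an added sketch, not part of the original thread or of the config the pfSense package generates; the domain names are constructed placeholders, and the listening ports and proxy CA are assumed to be configured elsewhere.

```conf
# Added example: ssl_bump rule ordering in squid.conf (Squid 3.5 or later).
# The http_port/https_port lines with ssl-bump and the proxy CA are assumed
# to exist already; they are omitted here.

# Step 1 of the TLS handshake: only the client's SNI is known.
acl step1 at_step SslBump1

# Constructed placeholder domains for apps that reject the proxy CA
# (pinned certificates, or Android apps that ignore user-installed roots).
acl no_bump_sites ssl::server_name .bank.example .app-api.example

# Read the ClientHello (SNI) without committing to decrypt.
ssl_bump peek step1

# Option A, "splice all": tunnel every connection untouched.
# No certificate is forged, so apps work, but Squid sees only the
# server name, never URLs or content.
#ssl_bump splice all

# Option B, selective: tunnel the listed sites, decrypt the rest.
# Rules are first-match, so the splice line must come before the bump line.
# Bumped clients must trust the proxy CA or their connections will fail.
ssl_bump splice no_bump_sites
ssl_bump bump all
```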
-
Thanks
There is no solution right now?
-
The MITM "problem" will probably never get solved.
-
@gertjan said in SSL Man In the Middle Filtering blocking any app:
The MITM "problem" will probably never get solved.
Thank you very much