Squidguard and https



  • I have Pfsense 2.3.4-RELEASE (amd64) running with Squid 3.5.26 + ClamAV 0.99.2_3  + Squidguard 1.16.2, everything working fine with HTTP (pfsense listening on port 80 only), but I would like to use HTTPS instead. So I have the webConfigurator only on HTTPS.

    I have a certificate issued by GoDaddy installed, but when I set pfsense to listen for HTTPS/443, the squidguard error/block pages do not work as they redirect to the error page by IP address, which does not match the cert.

    Does anyone have any ideas on what can/should be done here?

    Thanks



  • I read that I should edit "/usr/local/pkg/squidguard_configurator.inc" if so, which is the line that needs to be edited?

    Could it be line 1246:
    $rdr_path = "http://$guiip:$guiport" . REDIRECT_BASE_URL;


  • Rebel Alliance Developer Netgate

    You do not need to edit anything in the code/files. Just the GUI settings.

    Set the redirect type to "Ext URL Found" and then drop the full URL into your "Redirect Info" box.

    https://your.host.name/sgerror.php?url=403&a=%a&n=%n&i=%i&s=%s&t=%t&u=%u
    

    That setting might be on your Common ACL or other ACL configurations.


Log in to reply