The following error was encountered while trying to retrieve https://http/*
-
I have the same error with Default access [all] to allow already.
Anyone knows and helps the solution? Plz.
-
this is happening to me ... squid with active squid guard , and the comon acl with the settings that are said in the first post ,but its not working ... did u guys get it working ???
-
You have to append
url_rewrite_access deny CONNECT
url_rewrite_access allow allto your squid custom options to make the redirect page work in SSL MITM mode.
-
@coffeelover said in The following error was encountered while trying to retrieve https://http/*:
You have to append
url_rewrite_access deny CONNECT
url_rewrite_access allow allto your squid custom options to make the redirect page work in SSL MITM mode.
Where exactly do you put those options? Custom Options (Before Auth) / Custom Options (After Auth) / Custom Options (SSL/MITM)?
SSL/MITM Mode: Splice All, Splice Whitelist, bump otherwise or Custom?
Thanks!
-
I put these in "Custom options (before auth)"
And for complete filtering (URLs instead of domains) of SSL-Traffic via squidguard you have to set the mode to "Splice whitelist, bump otherwise".
Splice: Do not break the SSL Connection
Bump: Break the SSL Connection (Proxy CA on Clients needed) -
Hi Coffee Lover,
I got this error after I added as your suggest:
Fastly error: unknown domain: yahoo.com. Please check that this domain has been added to a service.
Details: cache-sin18030-SIN
Please help.
-
@coffeelover Thanks I have solved it
-
I cannot make this work with the latest version of PF sense. Anything else i should check?
-
I have the same problem, when I´m not using ssl interceptation the page showed is on picture bellow.
But when I actived ssl interception the page showed is bellow.
So I´ve tried to put these lines that you mentioned before , but for me not solved. -
same issue
-
Try
https://forum.netgate.com/topic/100342/guide-to-filtering-web-content-http-and-https-with-pfsense-2-3WPAD as your main setup
and transparent proxy to catch the rest. -
Thx,
actually, i've already setup a wpad but i put a "return direct"
changing for a "return proxy ..." seems to do the trickI don't investigate "more than that" but a windows 10 laptop, even with a proxy configuration try to connect on 443 for a lot of things.
Android apps too... -
@nilux17 In Internet properties lan settings
Is Automatically detect settings checked?Sounds like you are going through the transparent proxy rather than the WPAD
-
@ageekhere
Yeap, of course ! -
-