Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SSL Bump with transparent proxy

    Cache/Proxy
    1
    1
    888
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      all3n
      last edited by

      Hi All, hope someone knows whats wrong here,

      I get an error accessing https sites with squid set in Transparent mode and "ssl/MITM" mode set to "Splice Whitelist/Bump Otherwise"
      the error in the browser is:

      T_he following error was encountered while trying to retrieve the URL: https://http/*

      Unable to determine IP address from host name http

      The DNS server returned:

      Name Error: The domain name does not exist.
      This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct.__he following error was encountered while trying to retrieve the URL: https://http/*

      Unable to determine IP address from host name http

      The DNS server returned:

      Name Error: The domain name does not exist.
      This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct._

      I know this isn't a DNS error really,  it looks like ssl redirect isn't set correctly??
      Works when mode is set to "Splice", but I would really like SSL intercept  MITM working  in transparent mode. I have the CA cert on the the clients installed ok. Squid does MITM when not in Transparent mode.

      Any idea how to configure this correctly?

      thanks

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.