Squid and Discord
-
I have Squid set up for transparent proxy, with SSL intercept. I installed the CA in Windows (and in Firefox, which apparently doesn't use the Windows stuff). Everything works flawlessly for http or https, except Discord, which stops on the connecting screen until it times out, in both Chrome and Firefox. I can find nothing about this anywhere. Anybody out there have any idea what's going on?
-
I still don't know what the issue is, but I have figured out a workaround. Digging through the logs, it would appear that the log-in process at Discord involves either gateway.discord.gg or ssl.gstatic.com, so I added those (and discordapp.com) to the bypass list of destinations, and now Discord seems to work properly.
-
@taustinoc Hi there, im doing sth similar for my thesis, can you please contact me at deniss.zefi@gmail.com
-
@taustinoc I have the same issue with discord when using HTTPS/SSL Interception.
Looking at https://10scopes.com/fix-discord-404-error
It seems that discord does not like going through a proxy.
I am thinking it may have to do with security reasons.Connection error message
TCP_MISS/404 734 GET https://gateway.discord.gg/? - HIER_DIRECT/162.159.135.234
For now to solve either bypass discord in squid or if using SSL/MITM Mode Custom add to Custom Options (SSL/MITM)
acl no_ssl_bump ssl::server_name .discord.com acl no_ssl_bump ssl::server_name .discord.gg
If someone finds a better solution post below
-
@ageekhere First, if using a transparent proxy you don’t need to load any certificates on any machine. That’s the point of a transparent proxy.
Secondly if you add the domain to the whitelist under the ACL tab this would most likely resolve as it won’t be trying to break TLS.
Thirdly, you are better off removing Squid from your set up. Maintenance + no benefit. What are you gaining from doing MITM? -
@michmoor yeah i am just playing around with trying to cache https content and filter https site content using e2guardian. This is not a production environment and more of a learning exercise.
I am finding that MITM bump breaks a lot of things.