Solved!!! - Bypassing SSL decryption for specific domains on squid3



  • Is it possible?  if possible, how do I do?

    My system;
    PfSense 2.1
    squid3-dev 3.3.8 pkg 2.2
    squidGuard-squid3 1.4_4 pkg v.1.9.5
    Blacklist : shallalist



  • Here is the solution;

    Step1: stopped squid service

    Step2 : Find squid.conf file

    • find / -name "squid.conf"

    Step3 : Should add the following lines in squid.conf file

    acl bump-bypass dst "ip address" or "/…path.../BumpBypass-IPs.txt"
    ssl_bump none bump-bypass
    ssl_bump server-first all

    Stpe4 : started squid service.

    Good luck.


Log in to reply