Squid3-dev https,ssl interception do not work in proxy mode



  • HI

    i've been testing squid3-dev for https,ssl interception with the proxy mode in vain
    i've created the CA and all is ok but when i enter a https site there is no certificate warning and the browser display the original site certificate and not the self signed one that i created so there is no interception

    when i select "transparent http proxy" the interception work fine and i am getting the pfsense self signed certificate for each https site

    i've re-installed pfsense many times to be sure that at each test pfsense configuration is clean.

    is this a known bug or the interception must also work fine with the proxy mode ?

    can you give me a hint ? i really dont understand, just the fact of enabling transparent mode make the interception work, without transparent mode there is no https ssl interception

    i am using the 3.3.10 pkg 2.2.6 version of squid3-dev and 2.1.4 for pfsense

    Thanks a lot



  • For HTTPS transparent mode to work, you must install your CA cert as a trusted CA in your web browser on every client that will use the proxy.



  • Hi

    my problem is not about transparent mode, i want to use squid with proxy mode, and in this mode the ssl interception doesnt work.
    i am now just testing then i am not deploying certificate on the clients.

    so when there is proxy configured in the browsers port 3128, internet is working but there is no ssl interception even if the HTTPS/SSL interception is enabled and the CA configured

    when i configure squid3-dev with the transparent mode and remove proxy from browsers internet is working also the ssl interception

    my question is whay the ssl interception doesnt work for proxy mode ?

    Thanks



  • did you solved the problem?


Log in to reply