4. Squid3 HTTPS and SNI

Squid3 HTTPS and SNI

  • D

    Hi,

    I've successfully setup a squid3 + clamav via icap transparent proxy on pfSense 2.2 x64.

    Now i try to use the MITM HTTPS functionnality, but it seems that Squid always uses the first SSL certificate of every server, without honoring SNI and selecting the right certificate for a given virtualhost.

    Is there anything that needs to be configured to HTTPS proxy uses SNI and fetches the right certificate ?

    Regards,
    Ozy.

    0
  • W

    Hi,

    please post your config or screenshoot.

    Thanx.

    0
  • D

    Well i guess it was just too late for me to play with Squid.
    SNI is working indeed, the right client certificate is selected even on servers with multiple SSL certificates per vhost.

    Sorry for the post here :)

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy