Squid3 HTTPS and SNI



  • Hi,

    I've successfully setup a squid3 + clamav via icap transparent proxy on pfSense 2.2 x64.

    Now i try to use the MITM HTTPS functionnality, but it seems that Squid always uses the first SSL certificate of every server, without honoring SNI and selecting the right certificate for a given virtualhost.

    Is there anything that needs to be configured to HTTPS proxy uses SNI and fetches the right certificate ?

    Regards,
    Ozy.



  • Hi,

    please post your config or screenshoot.

    Thanx.



  • Well i guess it was just too late for me to play with Squid.
    SNI is working indeed, the right client certificate is selected even on servers with multiple SSL certificates per vhost.

    Sorry for the post here :)


Log in to reply