Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ALL HTTPS SITES ARE BLOCKED

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O Offline
      osama.mansoor
      last edited by

      Hi,

      To Block HTTPS based traffic i used certificate method.

      I just generate certificate use 'CERT MANAGER' and Enable "SSL MAN IN THE MIDDLE FILTERING'  and Configure "SQUID ACCESS CONTROL LIST" on Blacklist type www.facebook.com and on Whilelist type www.twitter.com but both sites generating error and not able to open also import SSL based certificate on browser.

      please help.

      1 Reply Last reply Reply Quote 0
      • H Offline
        Harvy66
        last edited by

        @osama.mansoor:

        not able to open also import SSL based certificate on browser.

        You can't figure out how to do this or are not allowed or otherwise incapable of doing this? The whole point of HTTPS is to detect and defend against man in the middle. If you want to man in the middle your browsers, you need to insert your cert. Why do you think even the USA government is so worked up about HTTPS?

        1 Reply Last reply Reply Quote 0
        • O Offline
          osama.mansoor
          last edited by

          Well my mission is just to block HTTPS based traffic so i adopt this method , i already inserted certificate on browser but certificate warning message occurs.

          1 Reply Last reply Reply Quote 0
          • H Offline
            Harvy66
            last edited by

            I don't use SQUID, but the few times I used cert overrides, I always inserted into the OS, not the browser. I know the browser does support managing certs to some ability, but like for PFSense's web UI, I download the CA and inserted that directly into Windows to solve the cert warning.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.