ClamAV -> Squid HTTPS/SSL Traffic ?
I run Squid with ClamAV enabled on pfSense 2.3. I assume that HTTPS/SSL traffic content is not scanned with ClamAV due to the system of encryption.
But I cannot find an answer if HTTPS/SSL traffic is checked with ClamAV when the option "SSL Man In the Middle Filtering" is enabled. Theoratically it should now be possible to scan the content before encrypting it to the client again but is this really the case or just my guess?
Im not an expert, but you have to setup wpad or install on each browser a cert from pfsense. It will work after that.
How to enable HTTPS Filtering and get it working is clear to me. My question is if in this case the content is scanned with ClamAV compared to non-HTTPS Filtering (passing encrypted content through).
As I understand it, yes. But again I am no expert.
This is actually the next thing I am delving into myself…