Hello
For a school project I'm trying to intercept SSL connections by using Squid (client -> squid (transparent) -> server).
I'm running Squid 3.1.20 on Ubuntu server 12.10 (64 bit) using the following configuration:
*************************************
http_port 10.0.1.1.:3128 intercept
https_port 10.0.1.1.:443 ssl-bump cert=/user/local/squid3/ssl_cert/myCA.pm
acl our_networks src 10.0.1.0/24
http_access allow our_networks
forwarded_for off
ssl_bump allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER
*************************************
I've
complied squid with SSL support (--enable-ssl). When starting Squid I
do not get any error message. Also, proxying http traffic works without
any problems.
However, when I try to establish a HTTPS session
through squid, the client retrieves the SSL certificate from squid, but
after accepting it the browser displays an error message from squid that
the URL is invalid:
"The following error was encountered while trying to retrieve the URL: /.
Invalid URL"
In the Squid access.log I see the following line:
"<timestamp> 0 10.0.1.5 NONE/440 3503 GET / - NONE/- text/html"
It
appears that squid does strips away the hostname / domain name of the
URL the client tries to access, which causes the error message mentioned
above.
I've already spent hours in finding a solution for this
problem and went through dozens of tutorials, unfortunately I wasn't
able to find a solution so far.
Any ideas what could be wrong?
Regards,
Heinrich
Received on Wed Oct 31 2012 - 15:34:01 MDT
This archive was generated by hypermail 2.2.0 : Thu Nov 01 2012 - 12:00:05 MDT