[squid-users] https traffic using squid and icap

From: sjaipuri <sjaipuri_at_gmail.com>
Date: Thu, 20 Jun 2013 11:49:05 -0700 (PDT)

Hi,

I am working on one of my project in which I have to capture https traffic
in plain text format. I am using squid with sslbump along with c-icap, both
running on Fedora.

Below is the part of squid.conf I am using.

icap_enable on
icap_send_client_ip on
icap_send_client_username on
icap_client_username_encode off
icap_client_username_header X-Authenticated-User
icap_preview_enable on
icap_preview_size 102400000
icap_service service_req reqmod_precache bypass=0
icap://172.30.30.212:1344/virus_scan
icap_service service_resp respmod_precache bypass=0
icap://172.30.30.212:1344/virus_scan
adaptation_access service_req allow all
adaptation_access service_resp allow all

http_access allow all

http_port 3128 ssl-bump generate-host-certificates=on
dynamic_cert_mem_cache_size=4MB cert=/etc/ssl/certs/perCA.pem

always_direct allow all
ssl_bump allow all
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER

Even though above setting, when I capture https traffic using tcpdump, its
still encrypted.
Can anyone help me or guide me to right direction?

Thanks in advance.

Sagar

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/https-traffic-using-squid-and-icap-tp4660720.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Thu Jun 20 2013 - 18:49:46 MDT

This archive was generated by hypermail 2.2.0 : Fri Jun 21 2013 - 12:00:36 MDT