On 31/08/2013 4:15 p.m., junio wrote:
> staff finished compiling the squid version 3.1 on debian Wheezy with ssl
> support (--enable-ssl --enable-ssl-crtd ...), with the main aim of blocking
> sites that use this type of connection, but not I have the slightest idea of
> how to start the configuration, I have several questions the first one and
> if I have to redirect traffic from port 443 to port 3128 with iptables, or
> is not necessary?, the second doubt is, what the syntax of new acls?, eg acl
> ssl_bump and other podecem would greatly appreciate if you guys send me an
> example of the configuration file.
There are major security and reliability issues in the experimental SSL
bumping in 3.1 version.
Please instead use at least 3.2.13 and preferrably the latest 3.3
release where most of the security issues have been resolved.
Amos
Received on Sat Aug 31 2013 - 04:22:42 MDT
This archive was generated by hypermail 2.2.0 : Sat Aug 31 2013 - 12:00:30 MDT