Print

Print


You can't, not unless you man in the middle it.  In this case there
will actually be two ssl sessions going on.  One between the proxy server
and say gmail and the other between the client and the proxy server.

If you used a self signed certificate it would prompt the user, but you
could get a cert from GoDaddy.


Paul Wood
P. 802-382-1720
[log in to unmask]
Systems Administrator, ACSU

♻ Please consider the environment before printing this email. ♻
WARNING: This message may contain information that is confidential and/or
protected under the Family Education Rights and Privacy Act or other
lawfully recognized privilege. If you receive this message in error or
through inappropriate means, please reply to this message to notify the
Sender that the message was received by you in error, and then permanently
delete this message from all storage media, without forwarding or retaining
a copy.



On Tue, Aug 2, 2011 at 2:24 PM, Susan Briere <[log in to unmask]> wrote:

> Currently have a CentOS 5.2 server running DansGuardian. The server has one
> network interface. Added a rule to IPTables to redirect all Port 80 traffic
> to 8080 and Dans' passes it on to Squid and it works great. Not sure how to
> handle SSL traffic on port 443, though. It's getting dropped. I understand
> that I can't redirect port 443 as it could technically act as a
> man-in-the-middle, which would not be kosher. Are there any reasonably
> straight-forward solutions that would allow the SSL traffic to proceed?
>
> I know there are more involved solutions, as well as more expensive
> solutions, but this is what we have for now. Hoping for a sweet
> workaround...
>
> Thanks much, Susan Briere
> Technical Support, RNESU
>