lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-20 03:16:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Proxy/ssldump, improve ssl bumping.

Browse Source 
Use peek+stare to check the server cert before making a bump decision.
This commit is contained in:
Ad Schellevis 2018-01-12 18:30:20 +01:00
parent 60e4e8080c
commit e610b1832d
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/opnsense/service/templates/OPNsense/Proxy/squid.conf
View File

@ -70,13 +70,15 @@ ssl_bump peek bump_step1 all
ssl_bump splice all
ssl_bump peek bump_step2 all
ssl_bump splice bump_step3 all
ssl_bump bump
{% else %}
ssl_bump splice bump_nobumpsites
ssl_bump peek bump_step1 all
ssl_bump peek bump_step2 bump_nobumpsites
ssl_bump splice bump_step3 bump_nobumpsites
ssl_bump stare bump_step2
ssl_bump bump bump_step3
{% endif %}
ssl_bump bump
sslproxy_cert_error deny all
{% endif %}