Project

General

Profile

Actions

Feature #9700

open

Secure Squid HTTPS Proxy

Added by Kyle Klouzal over 2 years ago. Updated about 3 hours ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
Squid
Target version:
-
Start date:
08/26/2019
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

As described here: https://forum.netgate.com/topic/145940/secure-squid-https-proxy
Squid Documentation: http://www.squid-cache.org/Doc/config/https_port/

Allow advanced/alternate configuration within Squid Web GUI to enable and configure squid https_port directive.

Modern browsers have supported secure proxy connections through WPAD and PAC file scripts for a couple years now.

This would involve adding a new configuration block inside Services->Squid->General after "Squid General Settings" and before "Transparent Proxy Settings". This new configuration block would be called "Secure Proxy Settings" and have the following configuration options:
Enable Secure Proxy - Check Box - Enable/Disable use of 'https_port' configuration directive in squid.conf.
Secure Proxy Port - Number Entry - Port number to use during setup of 'https_port' for secure proxy connections.
Certificate - Dropdown - Certificate to use during setup of 'https_port'. Lists current certificates on system.
Other options may be supplied as deemed necessary.

Actions #1

Updated by Kyle Klouzal about 22 hours ago

Selecting 'transparent' mode adds the 'https_port' directive into configs but also adds 'intercept' which is undesired.. Any update on this..?

Actions #2

Updated by Viktor Gurov about 3 hours ago

  • Status changed from New to Feedback

This would involve adding a new configuration block inside Services->Squid->General after "Squid General Settings" > and before "Transparent Proxy Settings". This new configuration block would be called "Secure Proxy Settings" and have the following configuration options:
Enable Secure Proxy - Check Box - Enable/Disable use of 'https_port' configuration directive in squid.conf.
Secure Proxy Port - Number Entry - Port number to use during setup of 'https_port' for secure proxy connections.
Certificate - Dropdown - Certificate to use during setup of 'https_port'. Lists current certificates on system.
Other options may be supplied as deemed necessary.

Already implemented

Kyle Klouzal wrote in #note-1:

Selecting 'transparent' mode adds the 'https_port' directive into configs but also adds 'intercept' which is undesired.. Any update on this..?

Unable to reproduce - enabling 'transparent' mode only adds 'intercept' option, but not 'https_port'
pfSense-pkg-squid 0.4.45_7

Actions

Also available in: Atom PDF