Transparent proxy for HTTPS traffic
Solution 1
It should be enough to just setup transparent proxying for port 80 traffic only, and route port 443 traffic normally.
Solution 2
This link has extensive howto describing transparent HTTP(s) with Squid. If HTTPS filtering is not required then just do not enable the corresponding HTTPS redirect rule (connections to external servers on port 443 will just be NATed, so Squid will not even see them). See http://docs.diladele.com/tutorials/transparently_filtering_https_centos/index.html
Solution 3
HTTPS interception cannot occur without MitM attack. Squid can do this indeed with ssl bumping technique, but it's the same as MitM.
https
Updated on September 18, 2022Comments
-
https over 1 year
I'm looking for a proxy to intercept HTTP traffic na pass through HTTPS traffic. Burp can do that with SSL pass through. With that option, SSL traffic isn't modified or capture, but just tunneled. I don't want to perform man in the middle attacks. Can (for example) squid emulate this behavior?
Edit: Pass through is different from interception. Tunnelled traffic isn't decrypted, just tunnelled.
-
Admin over 9 yearsSquid supports CONNECT requests and can let HTTPS (or anything else really) pass through it.
-
-
https over 9 yearsI don't want to intercept, but to pass through. Read the link I included in my question.