How to proxy https without changing the certificate?

W

Worlding2015-08-06 12:00:27

Squid

Worlding, 2015-08-06 12:00:27

Good afternoon!

There is now a squid, it proxy https in transparent mode, but browsers often swear at the certificate, some sites do not accept a connection with a certificate substitution (Google's) at all. It's understandable - it's "crap in the middle" in a secure connection.

Hence the purely theoretical (and maybe practical) question of whether it is possible to set up https proxying at all without changing the certificate (transparent or not transparent, in a squid or in something else)?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

Nikita Parfenovich, 2015-10-09
@Worlding

https://linux-admin.tk/?action=viewArticle&articleId=31

A

Andre la'Balm, 2015-09-11
@grumblik

Do you have a proxy for internal users looking outside, or do you want to put some kind of balancer to access your site from the outside?
In the first variant in any way (or methods are not known to me). Unless it's in transparent mode.
In the second option, you need to install a server certificate on the proxy, then it will be able to decrypt and encrypt traffic transparently.