Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
Roman Kulakovich2015-09-30 08:07:33
Skype
Roman Kulakovich, 2015-09-30 08:07:33

Squid3 + their certificates for https + Skype =?

Good time of the day. Can't force Skype to log in. Help with advice, what am I missing?

I use:
pfSense 2.2.1-RELEASE (amd64) FreeBSD 10.1-RELEASE-p6
squid3 v0.3.4 HTTPs

filtering through its certificates is configured, Squid works like clockwork, there are no complaints about its work. In addition to it, I installed SquidGuard, similarly, there are no problems with surfing the Internet. Video, music is blocked. Sites that interfere with work no longer distract users from work. But in the case of Skype, everything is bad. If you turn off https filtering, then authorization passes.

I assume Skype uses its own certificates to connect to the server, and ignores those in "trusted CAs". Am I correct in my guess and how can I solve this problem? Do not let everyone who uses Skype past the proxy ...

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
N
Nikolai Chuprina, 2016-03-24
@Wernisag

If you're filtering HTTPS sites through Squid, then Peek and Splice probably won't help!
You don't know in advance which servers Skype connects to - and the list of its servers doesn't exist as such, because it's P2P.
I found a solution for myself on pfSense - installing 3proxy and then setting up Skype clients on it.
While I'm testing - on several machines Skype through 3proxy works without problems.
Thus, you will not lose the ability to filter HTTPS sites and Skype will go through a separate channel. Unfortunately, I didn’t write down how to install 3proxy, you yourself will have to restore the information.

Report
D
Dmitry Lebedev, 2015-09-30
@k3NGuru

Here is a checkmark for 80 and 443 ports?
https://yadi.sk/i/Pgk43gP9jQvNp

Report
N
Nikita Parfenovich, 2015-11-20
@nagibat0r

And you try to go to google mail. Come in? No))) That's why Skype is not authorized. You have MITM, which is not allowed on resources such as Skype, personal mail, etc. Smoke the Peek and splice theme without certificate spoofing.

Similar questions
R
rolikoff2014-02-27 18:56:20
How to disable push notifications in Skype for iOS without removing it from the notification center? 2Reply
M
Max2018-10-03 05:45:34
How to start a Skype login as simple as before without “live:” and not an email from scratch? 1Reply
J
Jevgenii2018-11-16 20:34:45
How to solve the problem with skype update? 3Reply
R
rechmp2014-05-28 09:17:13
Why is Skype banning my IP address? 1Reply
A
Artrik2016-07-07 18:08:11
How to set up the transfer of a voice call from mobile to computer? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question