[squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump

Alex Rousskov rousskov at measurement-factory.com
Fri Oct 17 13:24:30 UTC 2025

Previous message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Next message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2025-10-17 05:57, Gonzalo Vázquez Enjamio wrote:

> Is it possible to handle HTTPS requests and log them in a transparent 
> proxy with Squid without using an SSL Bump?

If you are asking about intercepted TLS connections (i.e. https_port), 
then all Squid can do with them (without SslBump) is to log TCP-level 
details of each connection. No individual HTTP requests are visible to 
Squid in this setup.

If you are asking about plain text HTTP requests for "https://..." 
targets/URLs arriving on an intercepted plain TCP connection (i.e. 
http_port), then Squid should be able to handle (e.g., deny, forward, 
cache, and log) those requests individually.

If you do not know which case applies to you, it is most likely the 
first case because plain "GET https://..." requests are rare and are 
usually seen in non-intercepting setups.

HTH,

Alex.

Previous message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Next message (by thread): [squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the squid-users mailing list