[squid-users] HTTPS Requests in a Transparent Proxy without SSL Bump

[Gonzalo Vázquez Enjamio]

Thanks for the reply.

My question is if it would be possible to log HTTPS traffic, in a Squid in
transparent mode, without intercepting the traffic?

I know it's possible with a proxy in explicit mode, but in transparent mode?

Thanks.

El vie, 17 oct 2025 a las 15:24, Alex Rousskov (<
rousskov at measurement-factory.com>) escribió:

> On 2025-10-17 05:57, Gonzalo Vázquez Enjamio wrote:
>
> > Is it possible to handle HTTPS requests and log them in a transparent
> > proxy with Squid without using an SSL Bump?
>
> If you are asking about intercepted TLS connections (i.e. https_port),
> then all Squid can do with them (without SslBump) is to log TCP-level
> details of each connection. No individual HTTP requests are visible to
> Squid in this setup.
>
> If you are asking about plain text HTTP requests for "https://..."
> targets/URLs arriving on an intercepted plain TCP connection (i.e.
> http_port), then Squid should be able to handle (e.g., deny, forward,
> cache, and log) those requests individually.
>
> If you do not know which case applies to you, it is most likely the
> first case because plain "GET https://..." requests are rare and are
> usually seen in non-intercepting setups.
>
>
> HTH,
>
> Alex.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20251020/7f90f8c7/attachment.htm>