DEV Community

Cover image for Configuring SSL Bumping in the Squid service
suntong
suntong

Posted on

2 1

Configuring SSL Bumping in the Squid service

repost from https://help.kaspersky.com/KWTS/6.0/en-us/166244.htm, whose Last review was on Jan 18, 2019

To configure SSL Bumping in the Squid service:

  1. Make sure that the utilized Squid service supports the necessary options. To do so, execute the command:

    squid -v

    The configure options parameter must contain the --enable-ssl-crtd and --with-openssl values.

  2. Go to the Squid service folder. To do so, execute the command:

    cd /etc/squid

  3. Create a self-signed SSL certificate. To do so, execute the command:

    openssl req -new -newkey rsa:2048 -days <certificate validity period in days> -nodes -x509 -keyout squidCA.pem -out squidCA.pem

    You will be prompted to fill in the fields of the self-signed SSL certificate.

  4. Please fill in the fields of the self-signed SSL certificate.

  5. Create a trusted certificate to be imported into a browser. To do so, execute the command:

    openssl x509 -in squidCA.pem -outform DER -out squid.der

  6. Import the squid.der file into the browsers of local computer users.
    The method used to import the squid.der file into a browser depends on the type of browser.

  7. Configure the permissions to use a self-signed certificate file. To do so, run the following commands depending on the utilized operating system...

    . . . Details omitted. For this and the next two steps, i.e. steps 7,8,9, refer to the original article. . .

Finally, restart the Squid service. To do so, execute the command:

service squid restart

Configuration of SSL Bumping in the Squid service will be complete.

Image of Datadog

The Future of AI, LLMs, and Observability on Google Cloud

Datadog sat down with Google’s Director of AI to discuss the current and future states of AI, ML, and LLMs on Google Cloud. Discover 7 key insights for technical leaders, covering everything from upskilling teams to observability best practices

Learn More

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more