tachtler:squid_centos_7
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung | ||
tachtler:squid_centos_7 [2017/10/19 13:08] – [Portal Splash Pages - Konfiguration] klaus | tachtler:squid_centos_7 [2017/10/19 16:45] (aktuell) – [ssl_bump-Konfiguration] klaus | ||
---|---|---|---|
Zeile 6884: | Zeile 6884: | ||
# Tachtler - ssl_bump configuration - | # Tachtler - ssl_bump configuration - | ||
# default: http_port 3128 | # default: http_port 3128 | ||
- | http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB key=/ | + | http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB key=/ |
- | always_direct allow all | + | |
ssl_bump server-first all | ssl_bump server-first all | ||
- | sslproxy_cert_error allow all | + | sslproxy_options NO_SSLv2, |
- | sslproxy_flags DONT_VERIFY_PEER | + | |
sslcrtd_program / | sslcrtd_program / | ||
sslcrtd_children 5 startup=1 idle=1 | sslcrtd_children 5 startup=1 idle=1 | ||
Zeile 6956: | Zeile 6954: | ||
# Tachtler - ssl_bump configuration - | # Tachtler - ssl_bump configuration - | ||
# default: http_port 3128 | # default: http_port 3128 | ||
- | http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB key=/ | + | http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB key=/ |
- | always_direct allow all | + | |
ssl_bump server-first all | ssl_bump server-first all | ||
- | sslproxy_cert_error allow all | + | sslproxy_options NO_SSLv2, |
- | sslproxy_flags DONT_VERIFY_PEER | + | |
sslcrtd_program / | sslcrtd_program / | ||
sslcrtd_children 5 startup=1 idle=1 | sslcrtd_children 5 startup=1 idle=1 | ||
Zeile 6972: | Zeile 6968: | ||
* '' | * '' | ||
* '' | * '' | ||
- | |||
- | * < | ||
- | Ermöglicht es dem [[http:// | ||
* < | * < | ||
Ermöglicht es dem [[http:// | Ermöglicht es dem [[http:// | ||
- | |||
- | * < | ||
- | Bestimmt das Verhalten des [[http:// | ||
:!: **HINWEIS** - **Aus Sicherheitsaspekten __sollte hier später__ '' | :!: **HINWEIS** - **Aus Sicherheitsaspekten __sollte hier später__ '' | ||
- | * < | + | * < |
- | Weist den [[http:// | + | Weist den [[http:// |
* < | * < | ||
Zeile 7756: | Zeile 7746: | ||
# Squid normally listens to port 3128 | # Squid normally listens to port 3128 | ||
- | # Tachtler - ssl_bump configuration - | + | http_port 3128 |
- | # default: | + | |
- | http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB key=/ | + | |
- | always_direct allow all | + | |
- | ssl_bump server-first all | + | |
- | sslproxy_cert_error allow all | + | |
- | sslproxy_flags DONT_VERIFY_PEER | + | |
- | sslcrtd_program / | + | |
- | sslcrtd_children 5 startup=1 idle=1 | + | |
# Uncomment and adjust the following to add a disk cache directory. | # Uncomment and adjust the following to add a disk cache directory. |
tachtler/squid_centos_7.1508411327.txt.gz · Zuletzt geändert: 2017/10/19 13:08 von klaus