gpt4 book ai didi

macos - squidman代理服务器支持https吗?

转载 作者:行者123 更新时间:2023-12-05 06:26:43 35 4
gpt4 key购买 nike

我正在尝试在我的本地 mac 上设置代理服务器。

http - 似乎有效。

但是 Safari 没有通过 https 连接。

我错过了什么吗?

最佳答案

不,它没有。您需要指定单独的 https 端口和 ssl 证书,如 squid 配置中所述:

The socket address where Squid will listen for client requests made over TLS or SSL connections. Commonly referred to as HTTPS.

This is most useful for situations where you are running squid in accelerator mode and you want to do the TLS work at the accelerator level.

You may specify multiple socket addresses on multiple lines, each with their own certificate and/or options.

The tls-cert= option is mandatory on HTTPS ports.

See http_port for a list of modes and options.

http://www.squid-cache.org/Doc/config/https_port/

按照设计,拦截 https 流量是相当困难的:

When a browser creates a direct secure connection with an origin server, there are no HTTP CONNECT requests. The first HTTP request sent on such a connection is already encrypted. In most cases, Squid is out of the loop: Squid knows nothing about that connection and cannot block or proxy that traffic.

您还需要将浏览器的代理设置加载为 PAC 文件,否则浏览器将无法连接或抛出证书警告:

Chrome The Chrome browser is able to connect to proxies over SSL connections if configured to use one in a PAC file or command line switch. GUI configuration appears not to be possible (yet).

More details at http://dev.chromium.org/developers/design-documents/secure-web-proxy

Firefox The Firefox 33.0 browser is able to connect to proxies over TLS connections if configured to use one in a PAC file. GUI configuration appears not to be possible (yet), though there is a config hack for embedding PAC logic.

There is still an important bug open:

Using a client certificate authentication to a proxy: https://bugzilla.mozilla.org/show_bug.cgi?id=209312

https://wiki.squid-cache.org/Features/HTTPS

关于macos - squidman代理服务器支持https吗?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55773395/

35 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com