I use Diladele web security with Squid, which uses self signed certificates for https transparent proxy. It’s a pain to install the the ca as trusted on all of the devices. Has anyone done this and if so, what is the best way to make it work?
If by “transparent https proxy” you mean that is will be doing inline HTTPS inspection, that will not be possible; as you will require a trusted CA certificate.
One that your clients trust; so that your appliance can create certs on the fly for any and every domain being visited.
It creates a man-in-the-middle - on purpose, for that very purpose - to be in the middle and inspect all HTTPS traffic.
But there is no CA in the world that will grant anyone such a cert.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.