Using a Squid proxy with HTTPS

Squid in the Middle

Article from Issue 143/2012

How do you monitor the network when your client systems are connecting to secure web servers through HTTPS? We’ll show you how to keep watch using the Squid proxy server and share some inventive certificate tricks.

Network- and host-based intrusion detection is pretty much a mandatory requirement now if you want to keep your network under control. Back in the good old days, when your Internet connection was a dial-up link (for the entire company), you could just keep software up to date, install a firewall, and call it a day.

Since then, things have changed significantly. Almost all computers are now attached to the Internet all the time. Most of these computers are behind firewalls and NAT-based systems – so they can use the Internet, but the Internet can’t initiate connections to them. This strategy worked pretty well until clients started using prodigious amounts of data from the Internet, especially the World Wide Web and email. Now, to add insult to injury, almost all web and email clients include JavaScript support and newer technologies like HTML5 and web sockets.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security Lessons – Squid Filtering

    Kurt describes how to use Squid's ACLs and ICAP when you want to limit Internet access, for whatever reason.

  • Squid at Home

    Are your children wearing out their eyeballs on the Internet? Squid will help you impose some time limits and filter out inappropriate content.

  • Squid Bridge

    Caching proxies remember web pages and serve them up locally, saving both money and time. The most intelligent members of this family also remove dangerous content and provide transparent bridging.

  • Squid proxy server

    A proxy server provides safer and more efficient surfing. Although commercial proxy solutions are available, all you really need is Linux and an old PC in the attic.

  • SafeSquid

    If you are looking for a secure option for home surfing and want to protect your children against questionable web content, you need a filtering proxy. SafeSquid is a commercial proxy tool, but it comes with a free version for private users.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More