SSL_Bump Bypass

eliezer.axiem · April 11, 2016, 7:31am

Hi Team,

I would like to asked if there is an option in SSL_Bump configuration that I can bypass all windows application that uses the internet like skype, dropbox etc? Thank you.

Regards,

Eliezer Ga

giacomo · April 11, 2016, 9:13am

Yes, you should modify the SSLBypass option:
http://docs.nethserver.org/projects/nethserver-devel/en/latest/web_proxy.html

eliezer.axiem · April 11, 2016, 10:05am

Hi @giacomo Thank you for this but I am completely lost. Where can I find the fwrule? And can you give me example what do i need to encode ? Espacially windows applucation like skype amd dropbox? Thanks

giacomo · April 11, 2016, 11:41am

You must add a list of domains as the option. Example:

config setprop SSLBypass dropbox.com,skype.com
signal-event nethserver-squid-update

The domain list depends on what servers each program try to access.

eliezer.axiem · April 11, 2016, 11:48am

I tried it however it is not working in dropbox and skype client in windows

flatspin · April 11, 2016, 1:00pm

Hi @giacomo: shouldn’t the command be “config setprop squid SSLBypass dropbox.com,…”?

giacomo · April 11, 2016, 1:18pm

Absolutely, my bad! I was writing from my smartphone.

@eliezer.axiem try with this:

config setprop squid SSLBypass dropbox.com,skype.com
signal-event nethserver-squid-update

But you must take care to correctly fill the domain list.

eliezer.axiem · April 11, 2016, 1:33pm

Will try on this and give you feedback. Thank you

alefattorini · April 14, 2016, 8:19am

Is it worked? Please mark as solved