each SslBump step, Squid evaluates ssl_bump directives to find the next bumping action (e.g., peek or splice). Valid SslBump step values and the corresponding ssl_bump evaluation moments are:
SslBump1: After getting TCP-level and HTTP CONNECT info.
SslBump2: After getting SSL Client Hello info.
SslBump3: After getting SSL Server Hello info.
SslBump1, establishes a secure connection with the client first, then connects to the server. ✓ When used on step SslBump2 or SslBump3, establishes a secure connection with the server and, using a mimicked server certificate, with the client. ✓
or server (step SslBump2) certificate while preserving the possibility of splicing the connection. ✓ Peeking at the server certificate (during step 2) usually precludes bumping of the connection at step 3. ✓
or server (step SslBump2) certificate while preserving the possibility of bumping the connection. ✓ Staring at the server certificate (during step 2) usually precludes splicing of the connection at step 3. ✓
# connections except those
# originating from localhost or those going to example.com.
acl broken_sites ssl::server_name .example.com
ssl_bump splice localhost
ssl_bump splice broken_sites
ssl_bump bump all

Modes: splice: pass the connection through untouched; bump: strip the encryption and re-encrypt with SSL.
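A step-aware variant of the rules above, added here as an illustration and not taken from the Squid documentation. It peeks at step 1 so the splice decision is made at SslBump2, when Client Hello info is available, and stares at step 2 so bumping remains possible at step 3. The ACL names step1 and step2 are chosen for this example, and an http_port with ssl-bump enabled and a signing CA is assumed.

```conf
# Added example (not from the Squid documentation).
# Assumption: http_port is already configured with ssl-bump and a signing CA.

# Step ACLs; the names step1/step2 are chosen for this example.
acl step1 at_step SslBump1
acl step2 at_step SslBump2

# Same exemption list as the example above.
acl broken_sites ssl::server_name .example.com

# SslBump1: only TCP-level and HTTP CONNECT info is known.
# Peek to receive the Client Hello while keeping splicing possible.
ssl_bump peek step1

# SslBump2: Client Hello info is now available.
# Splice the exempted clients and sites here, before any
# server-side handshake state rules splicing out.
ssl_bump splice localhost
ssl_bump splice broken_sites

# SslBump2, everything else: stare (not peek) at the server
# certificate. Peeking at step 2 usually precludes bumping at
# step 3; staring preserves it.
ssl_bump stare step2

# SslBump3: after staring, splicing is usually no longer possible,
# so the remaining connections are bumped with a mimicked certificate.
ssl_bump bump all
```

Rule order matters: all ssl_bump rules are re-evaluated at every step, the first match whose action is still possible wins, and each at_step ACL keeps its rule from matching outside its own step.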