Squid setup for SSL sniffing

Download source code of Squid from http://www.squid-cache.org/Versions/. I used version 3.5.3 that is her http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.3.tar.gz

Prepare the environment to build (Ubuntu)

Configure Squid

cd ~/squid/squid-3.5.3

./configure — with-openssl — enable-ssl-crtd

Build Squid


sudo make install

It will install everything to /usr/local/squid

Change config file to allow connection from your or other machine and configure SSL bumping. Here is an example of working squid.conf

Generate SSL certs

Generate the certificate for client Browsers

Import the Certification Authority fail myCA.der into your browser (you need to do this only once)

For example, in FireFox:

1. Open ‘Preferences’

2. Go to the ‘Advanced’ section, ‘Encryption’ tab

3. Press the ‘View Certificates’ button and go to the ‘Authorities’ tab

4. Press the ‘Import’ button, select the .der file that was created previously and press ‘OK’

Create SSL Cache folder and change permissions

Allow access to the log folder

sudo chmod 777 /usr/local/squid/var/logs

Start the magi-sty Squid

sudo /usr/local/squid/sbin/squid start

Building the future, team visibility advocate

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store