Adding exclusions for SSL Bumping

You may need to add exclusions for SSL Bumping in the following cases:

To add exclusions for SSL Bumping:

  1. Create a file named /etc/squid/donotbump.list containing a list of domain names of the web resources and hosts that you want to add to exclusions.

    Each domain name must be listed on a new line.

    To add a domain with all its subdomains to exclusions, put a dot at the beginning of the value (for example, .domain.com).

  2. Add the following directives to the configuration file /etc/squid/squid.conf:

    acl do_not_bump dstdomain "/etc/squid/donotbump.list"

    ssl_bump splice do_not_bump

    These strings must be added before the final directive ssl_bump stare all.

  3. Restart the Squid service. To do so, execute the command:

    service squid restart

The SSL Bumping exclusions will be added.

Page top