HI,
Does there exist any mechanism in ATS configured as a forward proxy to
allow proxying and inspection of HTTPS/SSL traffic between corporate
browsers (I say this as we have users accept terms of usage for our
systems) with a corporate CA added to their CA store and dynamically
generate certs from the corp CA key impersonating the original site?
FYI this is for the purpose of, very much primarliy, scanning for
malicious content and enabling caching of static objects retrieved via
https:// URLs (which would be a bonus but not essential).
For those that have done such a thing in Squid the Squid docs call these
features as in the subject line. Commercial proxies such as Bluecoat and
Barracuda offer this too - we've had some probs with Squid's
implementation recently and are looking for an alternative (which for
obvious reasons I'd prefer to be OSS/Libre software).
Any help much appreciated.
Alex
|