We do not want to know what is inside the package. Only monitor the destination URLs. Is it possible?
In other words: I want the Squid log accesses without being transparent proxy.
httpssquid
We do not want to know what is inside the package. Only monitor the destination URLs. Is it possible?
In other words: I want the Squid log accesses without being transparent proxy.
Best Answer
SSL/TLS was designed for end-to-end security.
Without SSl Bump/Dynamic certificate generation you will only see CONNECT and base domain part of url
Just like this
Instead of whole url like https://www.google.ge/#bav=on.2,or.&fp=61092a4c975e159e&num=100&q=asdasd&safe=off
Why is it so? Because HTTP header might contain some sensitive data, including session id (some ugly cases) and you might get access to the webpage/my session without my authorization, and because it's privacy - I don't want you to know that I am visiting some hidden porn sites :D
So, you (Squid) MUST know what is inside of package. In some countries this might be illegal.