EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: Kajowas on Thursday 15 May 2014, 05:11:20 pm



Title: EFW 3.0: HTTPS requests not processed by C-ICAP filter on NON-transparent proxy
Post by: Kajowas on Thursday 15 May 2014, 05:11:20 pm
Hello,
I have seen this issue sometimes on old posts but none of them refer to EFW 3.0 and I verified this issue doesn't happen on 2.5.2

Actually I had an old server with efw 2.5.2 which filtered out every connection to facebook (just an example, same happens with different socials o sites as flickr, twitter, etc...) both http//www.facebook.com and https://www.facebook.com

Now I see that 3.0 version doesn't filter the https connections anymore, just the http ones...

I also see that new 3.0 version which uses C-icap (instead of old dansguardian) now have a tab with https proxy to enable, but also enabling it doesn't change more... just a little security advice when opening https sites but they still open... (sometimes without correct formatting, but they opens... and it's not good)

I know the https could have problems with transparent proxy, but I only use NON-TRASPARENT Proxy so the traffic should be checked both on http and https... is it a bug of the new 3.0 version?


Title: Re: EFW 3.0: HTTPS requests not processed by C-ICAP filter on NON-transparent proxy
Post by: dda on Tuesday 20 May 2014, 04:45:42 am
You have to enable the https proxy and import the certificate into the trusted root certificate store.