-2

I would like to set up a home proxy server which would filter ads and viruses even before they get to the browser. The problem in this case is that many web sites use encrypted HTTPS connections and I don't want to disable this (as I prefer the data to be encrypted as they travel between my home and the server). So is it possible (and how if yes) to configure a trusted proxy server to act as man-in-a-middle decrypting and processing the traffic?

I'd prefer free open source solutions as I consider them mote trustworthy in such a sensitive task.

Ivan
  • 3,398
  • 19
  • 50
  • 71
  • "Server Fault is for Information Technology Professionals needing expert answers related to managing computer systems in a **professional capacity**." http://serverfault.com/faq – ceejayoz Apr 24 '13 at 21:27
  • N.B. to anyone finding this in search results; If you do get this working, every HTTPS site you go to will show with a valid certificate from your trusted certificate authority (which is what you want to make it work), but as a side effect, you cannot see if your bank has been hacked, or your connection intercepted elsewhere, because instead of getting a broken or fake SSL certificate warning, everything will always look fine and you will connect regardless. – TessellatingHeckler Apr 27 '13 at 03:43
  • "but as a side effect, you cannot see if your bank has been hacked, or your connection intercepted elsewhere" - Indeed. A good remark. This is what actually stops me from actually using this and what makes this totally not an option for an office. I hope this is obvious for the most of the people thinking about using this. – Ivan Apr 27 '13 at 14:32

1 Answers1

0

For squid, set up SSL Bump and dynamic SSL certificates, and be sure to add your new CA to your users' web browsers.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972