I want to log all https websites accessed from browsers in the network on Clear OS. Looking at their documentation they mention that this feature is not available in Clear OS by default.
Is there any method to decrypt and log https traffic on Clear OS? (This is for monitoring purposes.)
(E.g.: visiting “en.wikipedia.org/wiki/Software documentation” should not be logged just as “en.wikipedia.org”. I need the full URL.)
Are there any methods to achieve this in Clear OS?
Responses (3)
Accepted Answer
You can log it with the proxy in non-transparent mode. What you can't do is decrypt it as that is a policy decision by ClearOS not to enable SSL inspection (aka SSL Bump) as that would allow you to look at people's banking credentials and so on.
I am not sure how the proxy fares now with some apps doing their own DNS over HTTPS (DoH). I don't know what the proxy does with these.
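What a proxy log holds for HTTPS when nothing is decrypted, as an added example that is not part of the original thread: it parses constructed lines in Squid's native access.log layout (assumed here to be the proxy's log format) and shows that CONNECT entries carry only host and port, while plain HTTP entries carry the full URL. The function names, hosts and addresses are made up for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines (not real traffic), Squid native layout:
# time elapsed client result/status bytes method target ident hierarchy type
SAMPLE_LOG = """\
1700000000.101    312 192.168.1.10 TCP_TUNNEL/200 48211 CONNECT en.wikipedia.org:443 - HIER_DIRECT/203.0.113.10 -
1700000003.552     87 192.168.1.11 TCP_MISS/200 1530 GET http://example.com/docs/index.html - HIER_DIRECT/203.0.113.20 text/html
1700000007.009    954 192.168.1.10 TCP_TUNNEL/200 9120 CONNECT mail.example.org:443 - HIER_DIRECT/203.0.113.30 -
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<result>\S+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<target>\S+)\s"
)

def parse_line(line):
    """Return a dict for one log line, or None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    if rec["method"] == "CONNECT":
        # HTTPS through an explicit proxy: only "host:port" is visible.
        host, sep, port = rec["target"].rpartition(":")
        if not sep or not port.isdigit():
            return None
        rec.update(host=host, port=int(port), path=None, encrypted=True)
    else:
        # Plain HTTP: the proxy sees and logs the complete URL.
        url = urlsplit(rec["target"])
        rec.update(host=url.hostname, port=url.port or 80,
                   path=url.path or "/", encrypted=False)
    return rec

def summarize(text):
    """Parse all lines; count encrypted tunnels per (client, host)."""
    records = [r for r in map(parse_line, text.splitlines()) if r]
    tunnels = Counter((r["client"], r["host"]) for r in records if r["encrypted"])
    return records, tunnels

if __name__ == "__main__":
    for rec in summarize(SAMPLE_LOG)[0]:
        print(rec["client"], rec["host"], rec["path"] or "<path not visible>")
```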
Accepted Answer
Google "squid ssl bump". This is one such link but note ClearOS does not use selinux and its firewalling is different.