squid ssl proxy with icap without Docker on raspberry pi. Based on justinschw/docker-squid-sslbump-rpi, which was based on syakesaba/docker-sslbump-proxy. The Docker install didn't work on my Pi Zero, so here it is on the "bare metal."
- Tested on: raspbian/stretch on Pi Zero and Zero W (it works, but it takes a long time to build!)
- Tested on: Ubuntu 18.04 on Azure
- Instructions below require git (or you can download the files directly)
sudo apt-get update
sudo apt-get install git
git clone https://github.com/codepoet80/squid-sslbump-rpi.git cd squid-sslbump-rpi chmod +x ./install.sh sudo ./install.sh
- If you want, you can delete the
squid-sslbump-rpidirectory after install completes.
Using the Proxy
- Set your client's proxy server to the IP address of your Pi , and use port 3128 (for both HTTP and HTTPS)
- Export your fake root-cert from your Pi after installation and import it into your client web browsers.
- (Root-cert path on the Pi after installation:
- OR, just access some HTTPS webpages from the client via the proxy and choose to "Trust Cert".
- This deliberately uses a root-cert with weak encryption to support old devices
- Make sure your is proxy safe.
- To prevent unwanted use, firewalls or some squid-acls should be applied.