Skip to content
Builds Squid SSL-Bump Proxy with icap support for Raspberry Pi without using Docker
Shell
Branch: master
Clone or download
Pull request Compare This branch is 1 commit ahead, 12 commits behind justinschw:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
install.sh
startsquid.sh

README.md

(docker-less) squid-sslbump-rpi

squid ssl proxy with icap without Docker on raspberry pi. Based on justinschw/docker-squid-sslbump-rpi, which was based on syakesaba/docker-sslbump-proxy. The Docker install didn't work on my Pi Zero, so here it is on the "bare metal."

Base Environment

  • Tested on: raspbian/stretch on Pi Zero and Zero W (it works, but it takes a long time to build!)
  • Tested on: Ubuntu 18.04 on Azure
  • Instructions below require git (or you can download the files directly)
  • sudo apt-get update
  • sudo apt-get install git

Installation

git clone https://github.com/codepoet80/squid-sslbump-rpi.git
cd squid-sslbump-rpi
chmod +x ./install.sh
sudo ./install.sh
  • If you want, you can delete the squid-sslbump-rpi directory after install completes.

Using the Proxy

  • Set your client's proxy server to the IP address of your Pi , and use port 3128 (for both HTTP and HTTPS)
  • Export your fake root-cert from your Pi after installation and import it into your client web browsers.
  • (Root-cert path on the Pi after installation: /usr/local/squid/ssl/localCert.der)
  • OR, just access some HTTPS webpages from the client via the proxy and choose to "Trust Cert".

Note

  • This deliberately uses a root-cert with weak encryption to support old devices
  • Make sure your is proxy safe.
  • To prevent unwanted use, firewalls or some squid-acls should be applied.

License

MIT License
See: LICENSE

You can’t perform that action at this time.