TLS Connection Upgrade for Windows

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

TLS Connection Upgrade for Windows

De Leon, Ma Katrina B.
Hi,

I've seen several discussions on using Squid proxy to upgrade client TLS connections using ssl_bump. But all of the existing discussions applies to Linux/Unix Systems.
Can anyone confirm if this is also applicable or possible for Windows? I am trying to integrate our application (SAP PI) which uses TLS 1.0 to Salesforce which only allows TLS 1.1 and above.
Any response is very much appreciated. Thank you!

Best Regards,
De Leon


________________________________

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
______________________________________________________________________________________

www.accenture.com
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: TLS Connection Upgrade for Windows

Amos Jeffries
Administrator
On 15/08/18 21:19, De Leon, Ma Katrina B. wrote:
> Hi,
>
> I've seen several discussions on using Squid proxy to upgrade client TLS connections using ssl_bump. But all of the existing discussions applies to Linux/Unix Systems.
> Can anyone confirm if this is also applicable or possible for Windows? I am trying to integrate our application (SAP PI) which uses TLS 1.0 to Salesforce which only allows TLS 1.1 and above.

The SSL-Bump features are not specific to any OS. They rely solely on
the Squid and OpenSSL versions being used.

The problems you will encounter with Windows is its lack of NAT or
TPROXY capabilities. So port 443 traffic cannot be intercepted into the
proxy in the first place (same for port 80, etc).

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users