I'm trying to get a transparent https proxy setup working. I'm not looking to intercept or anything, I would like the https traffic to just be forwarded to the real host.
In squid I have something like: https_port 3130 cert=/etc/ssl/certs/host1.crt key=/etc/ssl/private/host1.key
However when I make a web request I'm prompted with the ssl certificate is invalid warning screen.
Am I doing something wrong? I tried adding 'transparent' to https_port and squid 3.4 won't start.
You have to generate a certificate request and then get it signed by a certification authority. You will have to use openssl for that.
You also have to redirect https incoming traffic from port 443 to port 3130. I think iptables is most suitable for that.
I would suggest to read this : http://ajayadas.com/e110body-anchor/
Hope this helps a little.