
Resolved
0 votes
I want to log all https websites accessed from browsers in the network on Clear OS. Looking at their documentation they mention that this feature is not available in Clear OS by default.

Is there any method to decrypt and log https traffic on Clear OS? (This is for monitoring purposes.)
(E.g.: Visiting “en.wikipedia.org/wiki/Software documentation” should not be logged just as “en.wikipedia.org”. Need the full URL.)

Any methods to achieve this in Clear OS?
Wednesday, May 12 2021, 03:04 PM
Responses (3)
  • Accepted Answer

    Monday, May 17 2021, 07:12 AM - #Permalink
    Resolved
    0 votes
    Google "squid ssl bump". This is one such link but note ClearOS does not use selinux and its firewalling is different.
  • Accepted Answer

    Monday, May 17 2021, 05:34 AM - #Permalink
    Resolved
    0 votes
    Thanks for the reply, Sir. Is there a way to enable/configure SSL Inspection/SSL Bump, by installing any third-party packages/tools?
  • Accepted Answer

    Wednesday, May 12 2021, 03:48 PM - #Permalink
    Resolved
    0 votes
    You can log it with the proxy in non-transparent mode. What you can't do is decrypt it as that is a policy decision by ClearOS not to enable SSL inspection (aka SSL Bump) as that would allow you to look at people's banking credentials and so on.

    I am not sure how the proxy fares now with some apps doing their own DNS over HTTPS (DoH). I don't know what the proxy does with these.
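What a non-transparent proxy can log without SSL Bump, shown as an added example that is not part of the thread: for HTTPS the browser sends a CONNECT request, so the log holds only host and port, while plain HTTP requests are logged with the full URL. It assumes Squid's default native access.log format; the sample lines and the `DOH_HOSTS` list are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample lines in Squid's default native access.log format.
SAMPLE_LOG = """\
1620831840.123    245 192.0.2.25 TCP_TUNNEL/200 5120 CONNECT en.wikipedia.org:443 - HIER_DIRECT/198.51.100.10 -
1620831841.456     80 192.0.2.25 TCP_MISS/200 1024 GET http://example.com/docs/index.html - HIER_DIRECT/198.51.100.20 text/html
1620831842.789    310 192.0.2.31 TCP_TUNNEL/200 2048 CONNECT dns.google:443 - HIER_DIRECT/198.51.100.30 -
"""

# Assumption: a short hand-picked set of public DoH resolver hostnames.
DOH_HOSTS = {"dns.google", "cloudflare-dns.com", "mozilla.cloudflare-dns.com"}


def parse_line(line):
    """Return what one access.log entry reveals about the request, or None."""
    fields = line.split()
    if len(fields) < 7:
        return None
    client, method, target = fields[2], fields[5], fields[6]
    if method == "CONNECT":
        # HTTPS tunnel: the proxy only ever sees "host:port", never the path.
        host, _, port = target.rpartition(":")
        path = None
        if not host or not port.isdigit():
            return None
    else:
        # Plain HTTP: the full URL is visible and logged.
        parts = urlsplit(target)
        host, port, path = parts.hostname, parts.port or 80, parts.path or "/"
    return {
        "client": client,
        "method": method,
        "host": host,
        "port": int(port),
        "path": path,
        # A tunnel to a known DoH resolver means lookups bypass local DNS logs.
        "doh": method == "CONNECT" and host in DOH_HOSTS,
    }


def summarize(log_text):
    """Parse every non-empty line of an access.log excerpt."""
    entries = (parse_line(l) for l in log_text.splitlines() if l.strip())
    return [e for e in entries if e is not None]


if __name__ == "__main__":
    for e in summarize(SAMPLE_LOG):
        shown = e["host"] + (e["path"] or "  (path not visible)")
        print(e["client"], e["method"], shown, "DoH" if e["doh"] else "")
```
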