SSL Transparent Proxy Authentication using LDAP
When the first URL is an HTTPS site, authentication fails. However, if the first URL is an HTTP site, authentication works correctly.
This document will walk you through the steps needed to setup SSL transparent proxy authentication using LDAP authentication.
The document uses the following as examples:
url.port=80 authenticate(nonSSL_Auth) authenticate.force(no) authenticate.mode(origin-cookie-redirect)
url.port=443 authenticate (SSL_Auth) authenticate.force(no) authenticate.mode(origin-cookie-redirect)
SSL AUTHENTICATION WITH BYPASSED SITES
This is the example policy that needs to be in place if you are bypassing certain sites for SSL interception and are doing SSL authentication. The key elements are in blue. This is an example that shows bypassing sites categorized with "financial services". Your specific policy may vary, but hopefully this will provide some idea of what needs to be done.