4. ACCESS CONTROL AND SECURITY #
5. FORWARDING #
6. MISCELLANEOUS #
- 7. TLS #
+ 7. HTTPS INSPECTION (EXPERIMENTAL) #
8. WINDOWS GUI OPTIONS #
#
##################################################################
<programlisting>
debug 1 # Log the destination for each request. See also debug 1024.
debug 2 # show each connection status
- debug 4 # show I/O status
+ debug 4 # show tagging-related messages
debug 8 # show header parsing
debug 16 # log all data written to the network
debug 32 # debug force feature
They can only be used if <application>Privoxy</application> has
been compiled with IPv6 support. If you aren't sure if your version
supports it, have a look at
- <literal>http://config.privoxy.org/show-status</literal>.
+ <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>.
</para>
<para>
Some operating systems will prefer IPv6 to IPv4 addresses even if the
</sect2>
-<sect2 id="tls">
-<title>TLS/SSL Inspection (Experimental)</title>
+<sect2 id="https-inspection-directives">
+<title>HTTPS Inspection (Experimental)</title>
+
+<para>
+ HTTPS inspection allows to filter encrypted requests.
+ This is only supported when <application>Privoxy</application>
+ has been built with FEATURE_HTTPS_INSPECTION.
+ If you aren't sure if your version supports it, have a look at
+ <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>.
+</para>
<!-- ~~~~~ New section ~~~~~ -->
</para>
<para>
The file can be generated with:
- openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650
+ <command>openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.crt -days 3650</command>
</para>
</listitem>
</varlistentry>
<term>Notes:</term>
<listitem>
<para>
- This directive specifies the name of the CA key file
- in ".pem" format. See the <ulink url="#CA-CERT-FILE">ca-cert-file</ulink>
- for a command to generate it.
+ This directive specifies the name of the CA key file in ".pem" format.
+ The <ulink url="#CA-CERT-FILE">ca-cert-file section</ulink> contains
+ a command to generate it.
</para>
</listitem>
</varlistentry>
AES128-SHA
</screen>
<screen>
- # Use keywords instead of explicity naming the ciphers (Does not work with MbedTLS)
+ # Use keywords instead of explicitly naming the ciphers (Does not work with MbedTLS)
cipher-list ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
</screen>
</listitem>
</para>
<para>
An example file can be downloaded from
- <ulink url="https://curl.haxx.se/ca/cacert.pem">https://curl.haxx.se/ca/cacert.pem</ulink>.
+ <ulink url="https://curl.se/ca/cacert.pem">https://curl.se/ca/cacert.pem</ulink>.
+ If you want to create the file yourself, please see:
+ <ulink url="https://curl.se/docs/caextract.html">https://curl.se/docs/caextract.html</ulink>.
</para>
</listitem>
</varlistentry>