reyk/relayd-superfish.conf

## relayd-superfish.conf
#superfish relayd.conf example.
# Using Lenovo's pre-installed "superfish" private key and CA certificate.
# http://support.lenovo.com/us/en/product_security/superfish

# First set up a redirection in pf.conf:
#pass in on $int_if inet proto tcp to port 443 divert-to 127.0.0.1 port 8080
#pass out on $ext_if nat-to ($ext_if:0)

# Now get the superfish.pem online, eg. from:
# https://gist.github.com/mathiasbynens/7a13a467b22c42505490

# And run relayd on the gateway with the following configuration:
http protocol "superfish" {
        return error

        # The CA key to create and sign server certificates on the fly:
        tls ca cert "/etc/ssl/superfish.pem"
        tls ca key "/etc/ssl/superfish.pem" password "komodia"

        # Simple example: log all HTTPS URLs
        pass url log
}

relay "www" {
        listen on 127.0.0.1 port 8080 tls
        protocol "superfish"
        forward with tls to destination
}
	#superfish relayd.conf example.
	# Using Lenovo's pre-installed "superfish" private key and CA certificate.
	# http://support.lenovo.com/us/en/product_security/superfish

	# First set up a redirection in pf.conf:
	#pass in on $int_if inet proto tcp to port 443 divert-to 127.0.0.1 port 8080
	#pass out on $ext_if nat-to ($ext_if:0)

	# Now get the superfish.pem online, eg. from:
	# https://gist.github.com/mathiasbynens/7a13a467b22c42505490

	# And run relayd on the gateway with the following configuration:
	http protocol "superfish" {
	return error

	# The CA key to create and sign server certificates on the fly:
	tls ca cert "/etc/ssl/superfish.pem"
	tls ca key "/etc/ssl/superfish.pem" password "komodia"

	# Simple example: log all HTTPS URLs
	pass url log
	}

	relay "www" {
	listen on 127.0.0.1 port 8080 tls
	protocol "superfish"
	forward with tls to destination
	}