All, I have some general questions about reverse-proxying SSL. 1. What is the best way to do it using Squid: a. Do a straight redirect from port 443 to port 443 from server to server with no certificate presented from the firewall, but rather from the server that the connection is redirected to (is this even possible with Squid?). b. Redirect port 443 to port 80 on the destination server(s), and use the firewall to present each of the certificates. 2. If the answer is B, I have several backend SSL servers, all of which I want to redirect connections to. I am not good at all with server keys and certificates. Does anyone know of any documentation for how to deal with importing certificates that were generate for the backend servers, so they work on the Firewall? I found documentation for how to create and generate your own certificates, and keys, but I am afraid I don't know enough about the way keys and certificates work to fully understand how to make that work for my particular purpose. This is an aspect of proxying/reverse-proxying where my knowledge is weak, maybe some of you have some suggestions. Thanks!
