Hi Squid users, I have a problem and i hope someone knows the answer. - I use squid 2.5 Stable 5 on a Redhat Linux Enterprise 4 Server. - I configured it as reverse proxy with bind 9 DNS Service on the same system. - This proxy "sits" in a our DMZ and is accessible from outside via port 80 and 443. - We have several webservers which we want to protect over this reverse proxy ( they have private IP Adresses ). - I configured the https port with SSL certificat and ssl key. So, what i want is: 1) squid redirects every http request to https 2) squid administers our certification ans does the key exchange with the webbrowsers like an apache webserver does. 3) squid communicates with our internal webservers via http only. Point 1 and 3 works, but when i connect via webbrowser from internet i get the browserpopup which informs me: "the security certificate was issude by a company you have not choosen to trust" When i open a ssh connection direct to the webserver the browser takes the certificate without error. The difference is that in the apache configuration is a definition of "CertificateChainFile". Is it possible to define a cafile in squid 2.5 ( like in 3.x )? Or do you know another way to redirect to https port and using our certificate without errors? Thank you, Markus
