Hi, Our J2EE application is database driven and lots of the content is dynamically created. Squid is used as a reverse proxy that sends requests to the application through Apache Web server. Apache does some rewrites of the URL of the request based on its value. For example http://myapp.com/mypath/secure would invoke a rewrite rule in Apache that will create a redirect to https://myapp.com/mypath/secure. Without Squid the SSL authentication works as expected. When Squid is added as a reverse proxy the following thing happens. For some reasons Squid transforms https://myapp.com/mypath/secure back to http://myapp.com/mypath/secure which triggers Apache rewrite rule again creates https://myapp.com/mypath/secure redirect. This happens again and again creating an endless loop. Squid and Apache are on dedicated servers. We are using Squid 2.5 Stable10 on RedHat 3.0 EL. The following directive instructs Squid to use the same SSL certificate used by Apache https_port 443 cert=/etc/squid/myapp-qa.cert key=/etc/squid/myapp-qa.key We are still investigating this issue. I am curious if other people had similar experience in setting up SSL with Squid as reverse proxy and Apache. Any help to resolve this issue would be highly appreciated. Thanks, Dimitar
