tis 2006-04-25 klockan 17:18 -0400 skrev DGeorgie@xxxxxxxxx: > Without Squid the SSL authentication works as expected. When Squid is > added as a reverse proxy the following thing happens. For some reasons > Squid transforms https://myapp.com/mypath/secure back to > http://myapp.com/mypath/secure which triggers Apache rewrite rule again > creates https://myapp.com/mypath/secure redirect. > This happens again and again creating an endless loop. Squid and Apache > are on dedicated servers. Squid-2.5 as reverse proxy terminates the SSL connection. The connecion Squid->Web server is always HTTP. With Squid-3 (or the SSL update to 2.5 plus a bit more) it's possible to tell Squid to initiate an SSL connection to the backend server, but you should remember that this is independent of the client connection. If you need full SSL between the client and the web server, as is required for web servers making use of client-side certificates for authentication then there is no choice but to publish the web servers SSL port directly on the Internet. It is not possible to use a man-in-the-middle such as a reverse proxy in such setups. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
