Aaron Gray wrote:
I have squid working perfectly as a caching proxy server.
If I access my squid proxy server from a network that has some kind of
"sniffing" software, they can see the headers are HTTP headers (even
though
it is on a weird port) and still identify where your going and read
all the
plain text HTML.
Is there any way to make it so that when I connect to the squid proxy and
authenticate (which I require based on my ACL) that it creates a SSL
connection (or something similar) to where all traffic is encrypted
even if
the destination page is not a https website? I want to hide the plain
text.
You can certainly encrypt the traffic between the client and Squid (look
into stunnel, http://www.stunnel.org/), but encrypting between Squid and
a non-SSL (HTTPS) server is not possible. If you just want to encrypt
the authentication, look into using digest.
Chris
