Yes. I have finished to set up reverse proxy server without SSL. It is
fast! I love it! Now it is an issue to add SSL on it.I think it will
not be hard. I will post the whole procedure and the actual woking
squid.conf file once I got success.
Thank you!
-----Original Message-----
From: Henrik Nordstrom <henrik@xxxxxxxxxxxxxxxxxxx>
To: fulan Peng <fulanpeng@xxxxxxxxx>
Cc: squid-users@xxxxxxxxxxxxxxx; Visolve Squid <squid@xxxxxxxxxxx>
Sent: Mon, 03 Jul 2006 07:34:54 +0200
Subject: Re: How to set up a reverse proxy server over
SSL?
mån 2006-07-03 klockan 09:17 +0530 skrev Visolve Squid:
Hello Peng,
The following steps are used to configure the squid-3.0 with SSL
Compile squid with the ssl support option
./configure --prefix=/usr/local/squid --enable-ssl
Edit the squid configuration for squid with SSL support (Reverse
proxy)
https_port 443 protocol=http
cert=/path/to/server/certificate/server_cert.pem
key=/path/to/server/key/server_priv_key.pem vport=<port in which the
back end server listen>
almost... you should primarily use defaultsite=your.main.site to enable
reverse proxy mode and maybe vhost is you need to support domain based
virtual hosting. vport is normally not needed. The port number is
specified in cache_peer.
As hinted above you also need a cache_peer line defining the origin
server address and port.
acl SSL method CONNECT
never_direct allow SSL
The CONNECT mthod is not applicable to reverse proxies and should
probably be denied entirely...
Regards
Henrik
