I would like a step by step guide because I havent' time to spend....; also because I already spent 2 weeks to configure squid intergraded in active directory (nt groups authentication instead ip policy) and I can't work full time on squid Isa at least provide a friendly gui and has tons of documents in particular for reverse proxy. Until I will find a good guide (or time to spend) I will use isa.... thanks -----Messaggio originale----- Da: Joel CARNAT [mailto:joel@xxxxxxxxxx] Inviato: venerdì 10 novembre 2006 15.42 A: Reale Marco Cc: squid-users@xxxxxxxxxxxxxxx Oggetto: Re: R: Re: [squid-users] Reverse proxy HTTPS to HTTP, with 2.6 Hi, isn't this that you want to do: http://www.mail-archive.com/squid-users@xxxxxxxxxxxxxxx/msg41994.html for the authent, I suspect you have to look for NTLM authent. but I don't know how to (windows) authenticate users from Squid. On Ven, nov 10 2006 - 14:57, Reale Marco wrote: > Hi joel and henrik > > I'm interested in yours thread. Can you briefly to synthetize all needed steps? > I would like to configure reverse proxy for my owa (exchange 2003) > > Actually this is my configuration > > Internet > | > |(http requestes redirected to https by isa) > Dmz - Isa Server 2006 (reverse proxy) > |(http communication between isa and exchange) > | > Internal Exchange 2003 > > > 1) When a user write in his browser http://webmail.mycompany.it isa before all redirect http request to https (a certificate is installed on isa) and it allow nt authentication over http (in isa there is a menu in order to enable this future); Isa "speak" through http with my internal exchange server and if user's domain credential are correct, email box is displayed. > > Ho can I make the same thing with Squid? I would like to substitute > isa with squid > > Thanks > > -----Messaggio originale----- > Da: Joel CARNAT [mailto:joel@xxxxxxxxxx] > Inviato: venerdì 10 novembre 2006 14.23 > A: Henrik Nordstrom > Cc: squid-users@xxxxxxxxxxxxxxx > Oggetto: Re: Re: Reverse proxy HTTPS to HTTP, with 2.6 > > On Ven, nov 10 2006 - 12:12, Henrik Nordstrom wrote: > > fre 2006-11-10 klockan 11:57 +0100 skrev Joel CARNAT: > > > > > Now that I upgraded to 2.6, I read those options don't exist > > > anymore and are replaced by options in http_port/https_port. > > > Publishing HTTP to HTTP is OK but publishing HTTPS to HTTP doesn't work. > > > I have configured 2.6 as follow: > > > ################################################################## > > > ## > > > #### > > > http_port 80 transparent > > > https_port 443 cert=/etc/openssl/certs/server.pem > > > key=/etc/openssl/private/server.key > > > > > > The above should be > > > > http_port 80 defaultsite=your.main.http.website.name vhost > > https_port > > 443 defaultsite=your.https.website.name cert=... > > > > And then a cache_peer with the origin server option to tell Squid > > where to forward the requests. > > > > Great, it works - I had to use "vhost" on the https_port too. > > Thanks a lot for your help! > > Jo >
