fre 2007-01-12 klockan 12:33 -0500 skrev Chatham Will Ctr AFCCC/SCO: > Hi, I'm getting in over my head a little and am hoping someone can help > straighten me out. > > Scenario: > > WWW<--SSL-->[Squid 2.26 Reverse Proxy]<--SSL-->[Apache web server] > > I have read in the Wiki that I may need to do some sort of SSL tunneling > to achieve the above scenario. True? Not for a reverse proxy. The reference to SSL tunneling probably is from discussions on how to encrypt browser proxy connections with SSL for getting to the Internet. Here the SSL tunnel is needed as the browsers do not support SSL encrypted proxy connections, only SSL encrypted web server connections.. > Or is it possible for Squid to listen for traffic from the www on > 80/443, then connect to the internal web server using SSL on another > port, such as 8443? Fully possible. The internal port is set in cache_peer. But be warned there is some technical issues with running servers on different ports than they are published on. It's best is the web server is always certain about what the real URL published on the Internet really is. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
