mån 2007-02-05 klockan 16:47 -0500 skrev Steve Kapp: > We need an HTTP->HTTPS translator so that internal network traffic may stay > unencrypted, a requirement from some of our customers. I have seen this > question asked previously about squid in the archives, and the answer seems > to be 2.5+ssl patch offers this feature, as does 3.0. > > Does 2.6 also support this feature? Yes. > Also, does anyone have a sample config file that supports this setup? There is three ways of using this depending on what your functionality requirements are: a) With Squid acting as an accelerator/reverse proxy for a defined list of sites, upgrading these sites to https. You then use the ssl option to cache_peer to wrap the request in SSL. b) By using a HTTP client sending https:// URLs to Squid. Squid will then maintain the SSL on behalf of the client. c) Using a url rewriter helper to rewrite selected http:// URLs into https:// per your own specifications, making Squid process the request as a https:// request even if the client requested http:// It's also possible to extend Squid with the capability to decrypt CONNECT SSL proxy requests allowing inspection of https traffic. Contact me privately if you want a quote on implementing this feature. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
