Hi Henrik Thanks very much for your prompt reply which got me onto the right track. On Tue, 2007-05-22 at 00:30 +0200, Henrik Nordstrom wrote: > tis 2007-05-22 klockan 10:02 +1200 skrev Grant McLean: > > Hi All > > > > I'm setting up Squid for the first time, in accelerator mode in front of > > an Apache/mod_perl app. Squid is listening on both port 80 (HTTP) and > > port 443 (HTTPS). The basics (including SSL cert stuff) are working but > > I've hit a bit of a road block. > > > > Is there any way to tell that a particular request came in on the SSL > > port? > > Yes. > > To have this forwarded to the backend server see the front-end-https > cache_peer option. > > To detect this within Squid see the myport acl, or alternatively the > proto acl (but see below). This response left me quite confused until I realised my main problem was that I was using the packaged binary of Squid in Debian Sarge (2.59). Things have obviously changed a lot since that version - the most obvious thing being that accelerator mode is now configured via cache_peer rather than httpd_accel_host. I had to rebuild the package to enable SSL support so it was just as easy to build the Etch package (2.65) instead. With that in place and applying your advice, I now have my redirector processes happily detecting insecure requests for secure data and issuing redirects. Thanks again Grant
