Search squid archive

Re: HTTPS -> Squid -> HTTP -> origin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On ons, 2007-10-03 at 10:40 +0100, Bruce Badger wrote:
>> It's great to see RC releases of Squid 3.0.
>>
>> One of the things I heard would be possible with Squid 3.0 is to have
>> Squid accept HTTPS requests and to pass these on to an origin server
>> as HTTP requests and the reverse effect with responses,
>
> Yes, this has been possible since Squid-2.5, and is still possible in
> 3.0..
>
> see the https_port directive. And the FAQ chapter on reverse proxying.
>
>> I found no mention of SSL or HTTPS on the reverse proxy page.
>
> Right.. certainly deserves to be mentioned there. Any takers for writing
> up that part?
>

I was thinking of it last night with the HTTPS tests.
 The problem though was that I don't seem to understand it very well. When
I configured:

   https_port 3127 cert=/test/squid.pem key=/test/squid.key
defaultsite=treenet.co.nz
   cache_peer *** 80 0 originserver
   ...

Then requested "https://192.168.0.192:3127/"; in the browser to grab from
the test cache. I kept getting squid error pages indicating it could not
connect to "https://treenet.co.nz/";

Is there something that elides the 'https' in the relayed request?

This is the test config I mentioned elsewhere that wouldn't even accept
connections unless visible_hostname matched the encrypted domain inside
the .pem.

Amos



[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux