Dwyer, Simon wrote:
Hi,
https_port 443 accel cert=/opt/ssl/mypage/my.page.com.crt
key=/opt/ssl/mypage/my.page.com.key defaultsite=my.page.com vhost
cache_peer 192.168.0.1 parent 80 0 no-query originserver login=PASS
name=my.page.com
Hmm, thats the right config for it. Methinks its the backend server
doing the URL re-writing since its generating pages for what it thinks
is HTTP.
Seeing as it is unencrypted squid->server then you should be able to
tcpdump/wireshark the requests and confirm which one is re-writing.
Amos
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 50 MB
cache_dir ufs /opt/csw/var/cache 1000 16 256
access_log /opt/csw/var/logs/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow all
http_reply_access allow all
icp_access allow all
cache_mgr admin@xxxxxxxx
visible_hostname hostname.com
coredump_dir /opt/csw/var/cache
I have not touched anything other than the cache peer, https_ports and
chaning the http_access to all. I will locked it down once I have it
working.
Cheers,
Simon.
-----Original Message-----
From: Keshava M P [mailto:keshava.mp@xxxxxxxxx]
Sent: Tuesday, 30 October 2007 2:06 AM
To: Dwyer, Simon
Cc: squid-users
Subject: Re: HTTPS Reverse proxy URL rewrite.
Hi,
can you post config?
regards,
On 10/29/07, Dwyer, Simon <sdwyer@xxxxxxxxxxxxx> wrote:
Hey everyone.
Still setting up my reverse https proxy server. I have it working to a
degree except that when I connect to the site it seems to be rewriting the
address from https to http.
The server in the back end is talking to squid with http but I want it
https
from squid to the user. I was under the understanding that this is
possible.
What I need to know is if its squid rewriting the url or the back end
server.
Cheers,
Simon Dwyer
