nick humphrey wrote:
i thought the "defaultsite" was supposed to reflect what was entered
into the browser on the outside of the internal network...maybe i had
just misunderstood that part...
No you understood correctly.
i'll give it a try...
thanks chris
have a nice night/day
2007/11/9, Chris Robertson <crobertson@xxxxxxx>:
nick humphrey wrote:
well, yeah i nat to the accelerator, but i don't know why it won't
send 80 from the accelerator to the cache on 8080. do i only need to
add a new https_port line, nothing else?
like this:
https_port 8080 cert=/usr/local/squid/etc/key.crt
key=/usr/local/squid/etc/key.key defaultsite=mycompany.no-ip.info:8080
https_port 80 cert=/usr/local/squid/etc/key.crt
key=/usr/local/squid/etc/key.key defaultsite=mycompany.no-ip.info:80
Believe the second one should be http_port, no 's', to accept web
traffic. And that directive does not take ssl parameters in 2.6/3.0
since there is no encryption between clients and squid in those requests.
Leave the cache_peer as before to retain the squid->server secure channel.
Also, the port on defaultsite only matters if the backend server needs
to know it. If it matters then both should probably be
"mycompany.no-ip.info:8080"
The second line should read:
https_port 80 cert=/usr/local/squid/etc/key.crt
key=/usr/local/squid/etc/key.key defaultsite=mycompany.no-ip.info:8080
So by default, squid points the requests at port 8080 on the accelerated
site.
Huh? No he wants to accept HTTP requests and convert them to HTTPS on
the internal side.
just doing that doesn't seem to be enough though, i don't get any response on 80
keep in mind, there is only a server (cache) listening on 8080, so i
want squid to convert the 80 requests and send them to the server as
8080...
Chris
Check the ACLs to make sure there are none restricting based on port
8080. They will need updating a little.
Amos
