Tory M Blue wrote:
I was wondering if there was a way for Squid to pass on some basic information to the server citing that the original request was Secure, so that the backend server will respond correctly. Right now Squid takes and handles the SSL, passes back to the server via standard http and the application check, causes "basically a loop", because it wants to see the client using SSL and not standard HTTP.. This is only an issue with same hostname/headers that have access on both 80/443 as the application needs to know that someone came in secured and that the Squid box will respond in kind. Am I missing something basic? i'm not seeing it in the information currently that Squid passes. Otherwise the application could key off the originating dest port or similar Thanks Tory
You could make a second peer connection using HTTPS between squid and the back-end server and ACL the traffic so that only requests coming in via SSL are sent over that link. Leaving non-HTTPS incoming going over the old HTTP link fro whatever the server want to do.
Amos -- Please use Squid 2.6.STABLE19 or 3.0.STABLE4
