Search squid archive

Re: https questions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On fre, 2008-06-06 at 22:59 +0800, Ken W. wrote:

> I want to set squid, which accepts https from clients, then forward the
> request to original server with http protocal.
> 
> This is the setting I considered:
> 
> https_port 443 accel vhost cert=/squid/etc/xxx.crt key=/squid/etc/xxx.key
> protocol=http

Don't use protocol= unless you absolutely need it.

> cache_peer 10.0.0.1 parent 80 0 no-query originserver name=origin_1
> acl service_1 dstdomain .xxx.com
> cache_peer_access origin_1 allow service_1

Looks fine.

> Then I access to squid with this way:
> https://www.xxx.com/
> 
> Can squid accept this https request and forward it to original server with
> http correctly?

Yes.

But you are quite likely to run into issues with the server sending out
http:// URLs in it's responses unless the server has support for running
behind an SSL frontend. See for example the front-end-https cache_peer
option.

> btw, what's the usage of "protocol=http"? I can't understand for it
> enough.

It's the protocol Squid should internally assign to the requested URL.
When acting as a web server / accelerator the request does not contain
information on the protocol used, just the request-path.

It has only marginal practical importance, and is best left at the
default automatic setting unless you have very special reasons to change
it.

Regards
Henrik


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux